Most people just use the normal Linux user system, the /etc/passwd and shadow files, for their users.
But migrating them to LDAP can be a good thing, as you can centralize your users and have more fine-tuned control over them. (Online LDAP configuration, anybody?)

Here’s my guide on how to migrate your Linux users to your LDAP database. It was done on Debian lenny with a lot of ache and pain. Hopefully this will make it easier for you.

First, change dir (make sure you have run “apt-get install migrationtools” before starting):

    # cd /usr/share/migrationtools/

Then edit the conf file named migrate_common.ph with:

    $DEFAULT_MAIL_DOMAIN = "yourdomain.com";
    $DEFAULT_BASE = "dc=yourdomain,dc=com";

Now export your local group and passwd files:

**NOTE:** If you use a different shadow file, edit migrate_passwd.pl to point to that modified shadow file.

    # ./migrate_group.pl /etc/group ~/group.ldif
    # ./migrate_passwd.pl /etc/passwd ~/passwd.ldif

NOW: After you have run the migrate commands, you will want to edit the new ldif files and remove the entries you don’t need in the database (any daemons, root, maybe another couple of users, etc.).
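If you would rather script that cleanup than edit by hand, here is one way to do it. This is an added example, not part of the original guide or of migrationtools: the function name `filter_ldif`, the sample entries and the 1000-59999 range (Debian's range for regular user accounts) are my assumptions.

```shell
#!/bin/sh
# Added example, not part of the original guide or of migrationtools.
# filter_ldif ATTR MIN MAX: read LDIF on stdin and print only the entries
# whose numeric ATTR (uidNumber or gidNumber) lies in MIN..MAX.
filter_ldif() {
    awk -v attr="$1" -v min="$2" -v max="$3" '
    BEGIN { RS = ""; FS = "\n"; ORS = "\n\n" }  # blank-line separated: one entry per record
    {
        id = -1                                  # entries without ATTR are dropped
        for (i = 1; i <= NF; i++) {
            n = split($i, kv, ": ")
            # LDIF attribute names are case-insensitive
            if (n == 2 && tolower(kv[1]) == tolower(attr)) id = kv[2] + 0
        }
        if (id >= min && id <= max) print
    }'
}

# Constructed sample in the shape migrate_passwd.pl writes (hashes replaced by "x").
sample_passwd_ldif() {
    cat <<'EOF'
dn: uid=root,ou=People,dc=yourdomain,dc=com
uid: root
objectClass: posixAccount
userPassword: {crypt}x
uidNumber: 0
gidNumber: 0

dn: uid=www-data,ou=People,dc=yourdomain,dc=com
uid: www-data
objectClass: posixAccount
userPassword: {crypt}x
uidNumber: 33
gidNumber: 33

dn: uid=alice,ou=People,dc=yourdomain,dc=com
uid: alice
objectClass: posixAccount
userPassword: {crypt}x
uidNumber: 1000
gidNumber: 1000
EOF
}

# Demo on the constructed sample: only the alice entry is printed.
sample_passwd_ldif | filter_ldif uidNumber 1000 59999
```

On the real files, run it as `filter_ldif uidNumber 1000 59999 < ~/passwd.ldif > ~/passwd.users.ldif` after setting `umask 077`, because passwd.ldif carries the password hashes from your shadow file. Use `gidNumber` for group.ldif, and still read through the result before importing it.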

Time to create the OUs. To do this, make a file in your home dir named people_group.ldif containing the following (of course modifying the dc’s):

    dn: ou=People, dc=yourdomain, dc=com
    ou: People
    objectclass: organizationalUnit

    dn: ou=Group, dc=yourdomain, dc=com
    ou: Group
    objectclass: organizationalUnit

**NOTE:** The above file gave me problems. May want to do two separate files, a *people.ldif* and *group.ldif*

Now to import into the db:

    # ldapadd -x -W -D "cn=admin,dc=yourdomain,dc=com" -f ~/people_group.ldif
    # ldapadd -x -W -D "cn=admin,dc=yourdomain,dc=com" -f ~/group.ldif
    # ldapadd -x -W -D "cn=admin,dc=yourdomain,dc=com" -f ~/passwd.ldif

It will ask you for your admin password for the db each time. Then you are good to go… hopefully…

Now, just go to your passwd and shadow files and take out the entries of users you have added to the db. Want to see how to easily manage your users? Check out the guide for phpldapadmin!


Mario Loria



./scriptthe.net
