!!! Объект dc=corpX,dc=un создается автоматически при инсталляции !!!
server# cat organization.ldif
# Root entry of the tree (the directory suffix dc=corpX,dc=un).
# objectClass dcObject supplies the dc attribute; objectClass organization supplies o.
dn: dc=corpX,dc=un
objectClass: dcObject
objectClass: organization
o: Corporation X
dc: corpX
Из dcObject наследуется атрибут dc
Из organization наследуется атрибут o
# Load organization.ldif as the directory administrator.
#   -x  simple (non-SASL) bind      -D  bind DN
#   -w  bind password on the command line      -f  LDIF file to add
# NOTE(review): -w leaves the admin password in the shell history and visible in the
# process list while the command runs; -W (prompt) or -y <file> (read from a
# permission-restricted file) avoids that. No -H or -ZZ is given, so the simple bind is
# presumably sent without TLS - acceptable only if the client talks to a local slapd;
# confirm for this setup.
server# ldapadd -x -D "cn=admin,dc=corpX,dc=un" -w secret -f organization.ldif
server# cat orgstructure.ldif
# Two organizationalUnit containers directly under the suffix.

# Holds the user entries (uid=...,ou=users,...).
dn: ou=users,dc=corpX,dc=un
objectClass: organizationalUnit
ou: users

# Holds the group entries (cn=...,ou=groups,...).
dn: ou=groups,dc=corpX,dc=un
objectClass: organizationalUnit
ou: groups
# Create the two containers from orgstructure.ldif, binding as the admin DN.
# NOTE(review): the password passed with -w is exposed in shell history and the process
# list; -W prompts for it instead.
server# ldapadd -x -D "cn=admin,dc=corpX,dc=un" -w secret -f orgstructure.ldif
# No -D is given, so this search is an anonymous simple bind over the whole suffix.
# What it returns is decided by the server's access rules - worth checking that they do
# not expose userPassword or other sensitive attributes to anonymous clients.
server:~# ldapsearch -x -b "dc=corpX,dc=un"
server# cat passwdgroup.ldif
# POSIX groups and accounts: one private group per user (gidNumber 10001 / 10002),
# the two user entries, and a shared group1 listing both users through memberUid.

dn: cn=user1,ou=groups,dc=corpX,dc=un
objectClass: posixGroup
cn: user1
gidnumber: 10001

dn: cn=user2,ou=groups,dc=corpX,dc=un
objectClass: posixGroup
cn: user2
gidnumber: 10002

# NOTE(review): in /etc/shadow a "*" marks an account without a usable password, but in
# OpenLDAP a userPassword value with no {SCHEME} prefix is treated as a clear-text
# password, so "userpassword: *" would make "*" the account's bind password - confirm
# against the server in use. If the account must not authenticate with an LDAP password,
# leave userPassword out; otherwise store a hashed value (e.g. produced by slappasswd).
dn: uid=user1,ou=users,dc=corpX,dc=un
objectClass: inetOrgPerson
objectClass: posixAccount
uid: user1
sn: Ivanov
cn: Ivan Ivanovitch Ivanov
gecos: Ivan Ivanovitch Ivanov,RA7,401,499-239-45-23
uidNumber: 10001
gidNumber: 10001
loginshell: /bin/sh
homeDirectory: /home/user1
userpassword: *

# Same layout as user1; the note on "userpassword: *" applies to this entry as well.
dn: uid=user2,ou=users,dc=corpX,dc=un
objectClass: inetOrgPerson
objectClass: posixAccount
uid: user2
sn: Petrov
cn: Petr Petrovitch Petrov
gecos: Petr Petrovitch Petrov,RA7,402,499-323-55-53
uidnumber: 10002
gidnumber: 10002
loginshell: /bin/sh
homedirectory: /home/user2
userpassword: *

# Shared group; members are referenced by login name (memberUid), not by DN.
dn: cn=group1,ou=groups,dc=corpX,dc=un
cn: group1
gidNumber: 15001
memberUid: user1
memberUid: user2
objectClass: posixGroup
# Add the groups and users from passwdgroup.ldif (command output is elided with "...").
# NOTE(review): -w puts the admin password on the command line (shell history, process
# list); -W prompts for it instead.
server# ldapadd -x -D "cn=admin,dc=corpX,dc=un" -w secret -f passwdgroup.ldif ...
# Anonymous lookup of a single account by the filter uid=user1.
server# ldapsearch -x -b"dc=corpX,dc=un" "uid=user1"
# Delete only the named entry. The cn=user1 group and the "memberUid: user1" value in
# group1 are separate data and are presumably left in place - remove them as well if the
# account is really being retired, so a later user1 does not inherit the membership.
server# ldapdelete -x -D "cn=admin,dc=corpX,dc=un" -w secret "uid=user1,ou=users,dc=corpX,dc=un"
server:~# cat addmailphone.ldif
# Four separate modify records: each adds one attribute (telephoneNumber or mail)
# to an existing user entry.

dn: uid=user1,ou=users,dc=corpX,dc=un
changetype: modify
add: telephoneNumber
telephoneNumber: 401

dn: uid=user1,ou=users,dc=corpX,dc=un
changetype: modify
add: mail
mail: user1@corpX.un

dn: uid=user2,ou=users,dc=corpX,dc=un
changetype: modify
add: telephoneNumber
telephoneNumber: 402

dn: uid=user2,ou=users,dc=corpX,dc=un
changetype: modify
add: mail
mail: user2@corpX.un
# Apply the modify records from addmailphone.ldif as the admin DN.
# NOTE(review): the bind password given with -w ends up in shell history and the process
# list; -W (prompt) or -y <file> keeps it off the command line.
server# ldapmodify -x -D "cn=admin,dc=corpX,dc=un" -w secret -f addmailphone.ldif
client1:~# cat addunixattr.ldif
# Adds POSIX attributes to entries that already exist under CN=Users (presumably an
# Active Directory style tree, given CN=Users and unixHomeDirectory - confirm).
# One modify record per attribute.

# Private groups for the two users.
dn: CN=guser1,CN=Users,DC=corpX,DC=un
changetype: modify
add: gidNumber
gidNumber: 10001

dn: CN=guser2,CN=Users,DC=corpX,DC=un
changetype: modify
add: gidNumber
gidNumber: 10002

# First user: uid/gid numbers, home directory, login shell.
dn: CN=Ivan I. Ivanov,CN=Users,DC=corpX,DC=un
changetype: modify
add: uidNumber
uidNumber: 10001

dn: CN=Ivan I. Ivanov,CN=Users,DC=corpX,DC=un
changetype: modify
add: gidNumber
gidNumber: 10001

dn: CN=Ivan I. Ivanov,CN=Users,DC=corpX,DC=un
changetype: modify
add: unixHomeDirectory
unixHomeDirectory: /home/user1

dn: CN=Ivan I. Ivanov,CN=Users,DC=corpX,DC=un
changetype: modify
add: loginShell
loginShell: /bin/sh

# Second user: same set of attributes.
dn: CN=Petr P. Petrov,CN=Users,DC=corpX,DC=un
changetype: modify
add: uidNumber
uidNumber: 10002

dn: CN=Petr P. Petrov,CN=Users,DC=corpX,DC=un
changetype: modify
add: gidNumber
gidNumber: 10002

dn: CN=Petr P. Petrov,CN=Users,DC=corpX,DC=un
changetype: modify
add: unixHomeDirectory
unixHomeDirectory: /home/user2

dn: CN=Petr P. Petrov,CN=Users,DC=corpX,DC=un
changetype: modify
add: loginShell
loginShell: /bin/sh

# Shared group: numeric id plus members listed by login name.
dn: CN=group1,CN=Users,DC=corpX,DC=un
changetype: modify
add: gidNumber
gidNumber: 15001

dn: CN=group1,CN=Users,DC=corpX,DC=un
changetype: modify
add: memberUid
memberUid: user1

dn: CN=group1,CN=Users,DC=corpX,DC=un
changetype: modify
add: memberUid
memberUid: user2
client1:~# export LDAPTLS_REQCERT=never client1:~# ldapmodify -x -D "cn=Administrator,cn=Users,dc=corp6,dc=un" -W -H ldaps://server -f addunixattr.ldif
# apt install migrationtools server.corp13.un:~# diff migrate_common.ph /etc/migrationtools/migrate_common.ph
58c58
< $NAMINGCONTEXT{'passwd'} = "ou=People";
---
> $NAMINGCONTEXT{'passwd'} = "ou=users";
61c61
< $NAMINGCONTEXT{'group'} = "ou=Group";
---
> $NAMINGCONTEXT{'group'} = "ou=groups";
71c71
< $DEFAULT_MAIL_DOMAIN = "padl.com";
---
> $DEFAULT_MAIL_DOMAIN = "corpX.un";
74c74
< $DEFAULT_BASE = "dc=padl,dc=com";
---
> $DEFAULT_BASE = "dc=corpX,dc=un";
96,97c96,97
< #$IGNORE_UID_BELOW = 1000;
< #$IGNORE_GID_BELOW = 100;
---
> $IGNORE_UID_BELOW = 1000;
> $IGNORE_GID_BELOW = 1000;
100,101c100,101
< #$IGNORE_UID_ABOVE = 9999;
< #$IGNORE_GID_ABOVE = 9999;
---
> $IGNORE_UID_ABOVE = 65500;
> $IGNORE_GID_ABOVE = 65500;
## Make the edited config visible on Perl's include path so the scripts pick it up.
# ln -s /etc/migrationtools/migrate_common.ph /etc/perl/migrate_common.ph
## Convert local groups to LDIF; no output file is named, so the result is presumably
## written to the terminal.
# /usr/share/migrationtools/migrate_group.pl /etc/group
## Convert local accounts to LDIF.
## NOTE(review): when run as root, migrate_passwd.pl typically also reads /etc/shadow and
## emits the password hashes as userPassword: {crypt}... values - verify on the generated
## output. Treat that LDIF as sensitive: if it is redirected to a file, restrict the file's
## permissions and delete it after import, and check that the directory's access rules do
## not let other clients read userPassword.
# /usr/share/migrationtools/migrate_passwd.pl /etc/passwd