LDAP-UX Client Services B.04.10 with Microsoft Windows Active Directory Server Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

181

182

183

184

185

186

187

188

189

190

Directory for Kerberos authentication. Therefore, to allow users to log on to a UNIX system, the

Active Directory administrator needs to enable the user account first and set the initial password.

CAUTION: The password migration tool migrates all user accounts from the specified source

files or NIS server. For security reasons, the root user and any objects with uid=0 should either

be removed from the resulting LDIF file before migrating to Active Directory, or be removed

from the Active Directory.

NOTE: msSFUPassword is not used by the LDAP-UX Client Services because it uses Kerberos

as its authentication method. If you want to set msSFUPassword for your own purposes, you

can set it with ADSI edit on your domain controllers. LDAPUX assumes all POSIX passwords

are either in cleartext or encrypted with unix crypt and stored with a prefix (crypt).

Migrating All Your Files

The two shell scripts migrate_all_online_ads.sh and migrate_all_nis_online_ads.sh

migrate all your name service data either to LDIF or into your directory. The

migrate_all_online_ads.sh shell script gets information from the source files, such as

/etc/passwd, and /etc/group. The migrate_all_nis_online_ads.sh script gets

information from your NIS maps using the ypcat(1) command. The scripts take no parameters,

but prompt you for needed information. They also prompt you for whether to leave the output

as LDIF or to add the entries to your directory. These scripts call the Perl scripts described under

“Migrating Individual Files” (page 185). You will need to modify these scripts to ensure that any

calls to Perl scripts not listed in “Default Naming Context” (page 184) are commented out. You

need to comment out the following scripts in the file:

• $PERL /opt/ldapux/migrate/migrate_fstab.pl

• $PERL /opt/ldapux/migrate/migrate_netgroup_byuser.pl

• $PERL /opt/ldapux/migrate/migrate_netgroup_byhost.pl

Migrating Individual Files

The following Perl scripts migrate each of your source files in /etc to LDIF. These scripts are

called by the shell scripts described under “Migrating All Your Files” (page 185). The Perl scripts

get their information from the input source file and output LDIF.

Migration Scripts

The migration scripts are described in “Migration Scripts” (page 185) below.

Table C-9 Migration Scripts

DescriptionScript Name

creates base DN information

migrate_base.pl

migrates groups in /etc/groupmigrate_group_ads.pl

migrates hosts in /etc/hostsmigrate_hosts_ads.pl

migrates networks in /etc/networksmigrate_networks_ads.pl

migrates users in/etc/passwdmigrate_passwd_ads.pl

migrates protocols in /etc/protocolsmigrate_protocols_ads.pl

migrates RPCs in /etc/rpcmigrate_rpc_ads.pl

migrates services in /etc/servicesmigrate_services_ads.pl

Name Service Migration Scripts 185