kolab3 migrate ldap to external server
Manel Gimeno Zaragozá
magiza83 at hotmail.com
Mon Jun 17 16:13:37 CEST 2013
Any help with migrating LDAP to an external 389 LDAP server?
thanks
Manel
From: magiza83 at hotmail.com
To: kolab-users at kolab.org
Subject: kolab3 migrate ldap to external server
Date: Thu, 13 Jun 2013 16:54:32 +0200
Hello,
I have a kolab3 server with hosted domains and I'm trying to create an external LDAP server. My intention is to migrate the default LDAP server from kolab3 to an external server which already has some information about my environment and merge both servers into one in order to manage just one LDAP server.
Could someone please provide me some guidance about how to do it?
I've tried to import the kolab schema, and also objects and attributes (ldif files from one to another). But I'm having trouble with the kolab-service user. In the new LDAP it looks like it has no permission to search in all domains.
# cat kolab-services-aci.ldif
dn: cn=kolab,cn=config
aci: (targetattr = "*") (version 3.0;acl "Kolab Services";allow (read,compare,
 search)(userdn = "ldap:///uid=kolab-service,ou=Special Users,dc=kolab,dc=ddol
 ,dc=es");)
aci: (targetattr = "*") (version 3.0;acl "Hosted Kolab Services";allow (read,c
 ompare,search)(userdn = "ldap:///uid=hosted-kolab-service,ou= Special Users,d
 c=kolab,dc=ddol,dc=es");)

# kolab.ddol.es, kolab, config
dn: associateddomain=kolab.ddol.es,cn=kolab,cn=config
aci: (targetattr = "*") (version 3.0;acl "Read Access for kolab.ddol.es Users"
 ;allow (read,compare,search)(userdn = "ldap:///dc=kolab,dc=ddol,dc=es??sub?(o
 bjectclass=*)");)
aci: (targetattr = "*") (version 3.0;acl "Hosted Kolab Services";deny (read,se
 arch)(userdn = "ldap:///uid=hosted-kolab-service,ou=Special Users,dc=kolab,dc
 =ddol,dc=es");)
but when I try to import the information I'm getting:
# ldapmodify -a -h localhost -p 1389 -D "cn=orcladmin" -w asddol00 -v -c -f kolab-services-aci.ldif
ldap_initialize( ldap://localhost:1389 )
add aci:
(targetattr = "*") (version 3.0;acl "Kolab Services";allow (read,compare,search)(userdn = "ldap:///uid=kolab-service,ou=Special Users,dc=kolab,dc=ddol,dc=es");)
adding new entry "cn=kolab,cn=config"
ldap_add: Object class violation (65)
additional info: missing required attribute "objectclass"
On the other hand, I've modified roundcubemail to search in the new ldap, and also kolab_wap in kolab.conf.
In fact, I'm able to log in with "ldap admin" (I've also changed it to match the admin, and now it is not Directory Manager anymore).
I can create users in the new LDAP from kolab-webadmin, but not new domains. I'm not able to log in to roundcubemail either; it cannot find the users because it uses the kolab-service user.
Any help?
Manel
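Added example, not part of the original message: a pre-flight check in Python for the situation described above, where `ldapmodify -a` rejects a record that carries only `aci` values. It unfolds LDIF continuation lines, lists records that have neither `objectClass` nor `changetype`, and summarises each ACI's name, verb, rights and bind DN; the sample LDIF, the `example.org` suffix and the function names are constructed for illustration.

```python
import re

# Constructed sample modelled on the LDIF quoted above (suffix is a placeholder).
SAMPLE_LDIF = '''\
dn: cn=kolab,cn=config
aci: (targetattr = "*") (version 3.0;acl "Kolab Services";allow (read,compare,
 search)(userdn = "ldap:///uid=kolab-service,ou=Special Users,dc=example,dc=org
 ");)

dn: associateddomain=example.org,cn=kolab,cn=config
objectClass: top
aci: (targetattr = "*") (version 3.0;acl "Hosted Kolab Services";deny (read,se
 arch)(userdn = "ldap:///uid=hosted-kolab-service,ou=Special Users,dc=example,d
 c=org");)
'''

# Pulls the ACL name, allow/deny verb, rights list and userdn bind rule out of one ACI.
ACI_RE = re.compile(r'acl\s+"(?P<name>[^"]+)"\s*;\s*(?P<verb>allow|deny)\s*'
                    r'\((?P<rights>[^)]*)\)\s*\(\s*userdn\s*=\s*"(?P<userdn>[^"]+)"')

def unfold(text):
    """Join LDIF continuation lines (a leading single space continues the previous line)."""
    return re.sub(r"\r?\n ", "", text).splitlines()

def parse_records(text):
    """Return [(dn, {attr: [values]})]; base64 ('::') values are kept undecoded."""
    records = []
    for line in unfold(text):
        if not line.strip() or line.startswith("#"):
            continue
        key, _, value = line.partition(":")
        if key.strip().lower() == "dn":
            records.append((value.strip(), {}))
        elif records:
            records[-1][1].setdefault(key.strip().lower(), []).append(value.strip())
    return records

def preflight(text):
    """Return (DNs an add would reject for lacking objectClass, parsed ACI rows)."""
    missing, acis = [], []
    for dn, attrs in parse_records(text):
        if "objectclass" not in attrs and "changetype" not in attrs:
            missing.append(dn)
        for m in filter(None, map(ACI_RE.search, attrs.get("aci", []))):
            rights = tuple(r.strip() for r in m["rights"].split(","))
            acis.append((dn, m["name"], m["verb"], rights, m["userdn"]))
    return missing, acis
```

Records reported in the first list need either their full entry (including `objectClass`) or a `changetype: modify` record against an entry that already exists on the target server.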