Migrating User objects (and userpassword) in OID

Assumptions:

Legacy OID SID = infra1

New OID SID = orcl1

 

Step 1. Export All Objects from the Root realm:

 

Export the data from the root realm of the legacy directory:

ldifwrite -c infra1 -b "o=xxx,c=yy" -f out.ldif

 

Remove the userpassword attribute:

sed '/userpassword:/d' out.ldif > tmp.ldif

 

Replace the output file with the updated file (passwords removed):

mv tmp.ldif out.ldif

 

Stop the OID process of the new OID (opmnctl stopall)

 

Use bulkload to check the schema and generate an intermediate file:

bulkload -connect=orcl -check=true -generate=true -file=out.ldif

 

Assuming there are no errors, use bulkload to load the data into the new directory:

bulkload -connect=orcl -load=true -file=out.ldif

 

Restart the OID process of the new OID (opmnctl startall)

 

Step 2. Migrate userpassword attribute

 

Export the dn and userpassword attribute from each object that has userpassword:

ldapsearch -h hostname -p port -D "cn=orcladmin" -w password -s sub -b "" "objectclass=*" dn userpassword > ./pwdout.ldif

 

Import the user passwords into the new directory:

ldapmodify -h hostname -p port -D "cn=orcladmin" -w password -f ./pwdout.ldif
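
Added example, not part of the original post: one way to rewrite the exported entries as explicit changetype: modify / replace: userpassword records, so the import does not depend on ldapmodify defaults and entries without a userpassword are skipped. It assumes pwdout.ldif is in LDIF form (dn: and userpassword: lines); pw_to_modify, sample_ldif and the output name pwmod.ldif are hypothetical, and the sample entries are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. pw_to_modify and sample_ldif
# are hypothetical helper names; the sample entries are constructed.

# Read "dn + userpassword" LDIF on stdin, write ldapmodify change records.
pw_to_modify() {
    awk '
    function emit() {
        # Only entries that actually carry a password produce a record.
        if (dn != "" && pw != "")
            printf "%s\nchangetype: modify\nreplace: userpassword\n%s\n-\n\n", dn, pw
        dn = ""; pw = ""; last = ""
    }
    /^$/ { emit(); next }                 # blank line ends an entry
    /^#/ { next }                         # LDIF comment
    /^ / {                                # folded line: append to previous value
        if (last == "dn") dn = dn substr($0, 2)
        else if (last == "pw") pw = pw substr($0, 2)
        next
    }
    tolower($0) ~ /^dn::?/ { dn = $0; last = "dn"; next }
    tolower($0) ~ /^userpassword::?/ {
        pw = (pw == "" ? "" : pw "\n") $0; last = "pw"; next
    }
    { last = "" }                         # any other attribute is dropped
    END { emit() }
    '
}

# Constructed sample: hashed value, entry with no password, folded base64 value.
sample_ldif() {
    cat <<'EOF'
dn: cn=user1,cn=users,o=xxx,c=yy
userpassword: {SSHA}Q09OU1RSVUNURUQx

dn: cn=groups,o=xxx,c=yy

dn: cn=user2,cn=users,o=xxx,c=yy
userpassword:: e1NTSEF9Q09OU1RSVUNU
 RUQy
EOF
}

# Demo on the sample. For the real file, keep the output private:
#   (umask 077; pw_to_modify < pwdout.ldif > pwmod.ldif)
sample_ldif | pw_to_modify
```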
