Thanks to all of you for the advise.
Howard is correct, when using dsconf to export the DSEE catalog, you get some "special" SUN-ONLY attributes, which are not supported/formatted correctly, and therefore cant be imported using slapadd. I read somewhere about stripping those out before performing the import, although I'm not sure whether I would actually need the data stored in these attributes...
Using ldapadd sounds like the way to go, although I'm not sure how this helps me "filter" the special SUN-ONLY attributes... Just ensures I donĀ¹t feed garbage into my new shiny openldap catalog :)
Bills idea of performing a ldapsearch from the openldap box, and somehow feeding that to slapadd/ldapadd sounds like a good plan, but not sure about the best way to get this done...
Will do some more reading, but if anyone has some tips, I'm all ears.
Thanks again,
On 21/03/11 8:55 PM, "Howard Chu" hyc@symas.com wrote:
Bill MacAllister wrote:
I'm not sure that replication between the two is an option (although would love it if it was :), so I have looked into exporting the current DSEE environment to a LDIF, and attempted to then import it into openldap (using slapadd), but ran into a few issues...
The issue I'm currently stuck on is getting the data in the LDIF into a format that can be imported using slapadd. Currently, I have issues with automounts, pwdReset attribs etc etc...
Why can't you just use ldapsearch on the existing directory and use that as input to slapadd?
slapadd is meant for well-formed LDIF input, mainly from slapcat. DSEE is known to not support schema checking of any kind, therefore any LDIF you obtain from it will most likely be full of garbage and not well-formed. As such, you should only use ldapadd to import it, so you get full error checking on the import.
Of course, that only gets you the data. I would bet that the real issue will be getting the access controls correct.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/