Results 1 to 8 of 8

Thread: Migrate users from iPlanet or Sun JES or Unix user with keep original user's password

  1. #1
    rungsan is offline Member
    Join Date
    Jan 2006
    Posts
    11
    Rep Power
    9

    Unhappy Migrate users from iPlanet or Sun JES or Unix user with keep original user's password

    I want to migrate users from iPlanet or Sun JES or Unix user with keep original user's password. Before that I used to migrate users from Unix to iPlanet and iPlanet to SUN JES with ldapmodify command by enter userPassword attribute like this.
    {CRYPT}cmKaxCui509lU
    or
    {SSHA}5SlPugduRSKLQJGAovO/kPQdiDqtTF08DmZWMQ==

    But in Zimbra it not work (both zmprov and ldapmodify). Have any solutions to do it?

  2. #2
    schemers is offline Zimbra Employee
    Join Date
    Aug 2005
    Posts
    228
    Rep Power
    9

    Default

    I've filed a bug (10409) and will fix this in 4.0.1 or 4.0.2. You'll be able to do the following:
    Code:
    ca smith@slapshot.liquidsys.com "" userPassword {SSHA}8+r0nkcErptqasSrFPcT0k81NFrbTcAS
    Prior to 4.0, your best bet is to use ldapmodify and directly set it.
    Last edited by schemers; 09-01-2006 at 05:52 PM. Reason: update release
    Bugzilla - Wiki - Downloads - Before posting... Search!

  3. #3
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    thankyou thankyou thankyou schemers!!!

    in the meantime, here's a little cli php hack i wrote for a recent migration. it takes a csv file with each line "email,password", and outputs an ldif file. it assumes your existing password hash doesn't have the crypto prefix so if yours does you might want to strip out the {crypt} bit, and i only had two .tlds - .co.uk and .com - if you have more you'll have to add them or rewrite it properly, sorry for the ugly hack but might help someone here.

    PHP Code:
    <?php

    $lines 
    file("passwords.csv");

    $i=0;
    foreach (
    $lines as $rawline) {
            
    $line trim($rawline);
            
    $fields split(",",$line);
            
    $accounts[$i]["email"] = $fields[0];
            
    $accounts[$i]["password"] = $fields[1];
            
    $i++;
    }

    foreach (
    $accounts as $account) {
            
    $email1 split("\.",$account["email"]);
            
    $email2 split("@",$email1[0]);
            echo 
    "dn: uid=" .$email2[0] .",ou=people,dc=" .$email2[1];
            if (
    $email1[1] == "com") echo ",dc=com";
            if (
    $email1[1] == "co" && $email1[2] == "uk") echo ",dc=co,dc=uk";
            echo 
    "\n";
            echo 
    "changetype:modify\n";
            echo 
    "replace:userpassword\n";
            echo 
    "userpassword:{crypt}" .$account["password"];
            echo 
    "\n\n";
    }

    ?>

  4. #4
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    this looks like its been fixed in 4.0.1. thanks!!

  5. #5
    rungsan is offline Member
    Join Date
    Jan 2006
    Posts
    11
    Rep Power
    9

    Default

    I was created user and passed in the encoded password but could not loged in.
    These are users I created.

    user1 userPassword: {SSHA}0oMapnVeZ+6OIpVk59Vuq26G4ZMmsYjt
    user2 userPassword: {SSHA}0oMapnVeZ+6OIpVk59Vuq26G4ZMmsYjt
    user3 userPassword: {SSHA}Hg7i6kx35cUblu4MEUFGl7iOnXckRqwB+WJCFg==
    user4 userPassword: {SSHA}Hg7i6kx35cUblu4MEUFGl7iOnXckRqwB+WJCFg==
    user5 userPassword: {CRYPT}wq0wMGe7XU5m

    user1 created by zimbra, user2 passed in password from user1, both can loged in.
    user3 and user4 passed in password from Sun JES but can't loged in.
    user5 passed in password from Solaris password but can't loged in.

    How to do it?

  6. #6
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    usnig 4.01 or 4.02? i haven't tested whether the hash passing actually works or not, hopefully it does. using zmprov to do this?

    after you've done the import, look at the userPassword attribute once it's in ldap and compare it to the hash you provide to make sure it's going through untouched. also, sure your user3 and user4 passwords are ssha and not sha or md5? if they're md5 i think they need to go in as {crypt}.

  7. #7
    rungsan is offline Member
    Join Date
    Jan 2006
    Posts
    11
    Rep Power
    9

    Default

    I test on zimbra 4.02 with zmprov command and the userPassword attribute after passing is same with original ldap and it is ssha (in Sun JES LDAP the output of ldapsearch command also show encoded type). I think this case is importance for migrating from exiting system.

  8. #8
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Did you check in bugzilla for bug 10409, you should find what you need there. It helps to check the bug reports that have been raised for a problem.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 21
    Last Post: 02-04-2010, 10:06 AM
  2. Can't start Zimbra!
    By zibra in forum Administrators
    Replies: 5
    Last Post: 03-22-2007, 11:34 AM
  3. Cannot login as admin after install
    By elesouef in forum Installation
    Replies: 23
    Last Post: 02-13-2007, 09:06 AM
  4. Post instsallation problems
    By Assaf in forum Installation
    Replies: 14
    Last Post: 01-29-2007, 11:38 AM
  5. Seeming variety of problems on suse-9.1
    By Crexis in forum Installation
    Replies: 52
    Last Post: 03-04-2006, 12:19 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •