Hello,
I’m planning a migration of Linux account data from /etc/ files to 389-ds (or
OpenLDAP/slapd, but for now I’m leaning toward 389-ds).
I have a few questions that I hoped folks here might help with?
- What kinds of automation tools do folks use for creating/updating/removing dirsrv
entries? I’m assuming there is something that abstracts over all of the actual schema
details?
- What tools have folks used for migration of existing account data? I see a package of
Perl scripts that some distros provide; is that about it?
- When creating a new posixAccount & posixGroup, how are UIDs and GIDs to be chosen?
If I have 10,000 users, do I have to grab all 10,000 posixAccount and posixGroup entries
to determine which is the next unused UID & GID, or is there some cleaner solution?
- Are there tools to facilitate race safety if, e.g., two concurrent queries try to create
an account at the same time?
- I see that OpenLDAP/slapd can embed a Perl interpreter or exec arbitrary commands to
fulfill queries. Can 389-ds do something similar to implement dynamic query results?
Thank you in advance!
cheers,
-Felipe Gasper