Rich Megginson <rmeggins(a)redhat.com&gt; wrote: [...] You can cause the migration tools to use inetOrgPerson instead of account for your structural class by either 1) Setting the environment variable $LDAP_EXTENDED_SCHEMA to 1 before running the migration scripts, or 2) Editing /usr/share/openldap/migration/migrate_common.ph so that $EXTENDED_SCHEMA = 0; on line 90 or so reads $EXTENDED_SCHEMA = 1; Then you can add the hostObject class manually to inetOrgPerson if you really need it, and not use account at all. You can also cause groups to be put in ou=Groups instead of ou=Group by editing line 61 or so of migrate_common.ph appropriately. This is in the middle of the else condition of the test for the presence of /usr/sbin/mkslapdconf ($NETINFOBRIDGE). It'll use posixGroup as the structural class, of course, which leads into the whole discussion of whether you can/should use groupOfUniqueNames as well that we just recently had on the list. The PADL migration scripts are a bit rickety; it's a good idea to always check their output for sanity. -- Steve Bonneville