cancel
Showing results for 
Search instead for 
Did you mean: 

/etc/passwd to LDIF

Andrey T.
Occasional Contributor

/etc/passwd to LDIF

Hello,

I had an Red Hat 8.0 LDAP server configured and it is working fine, however, I wonder if there is a tool or script to migrate the server's /etc/passwd entries to LDIF format where it can be imported to the LDAP server... I have several thousands of users on this machine and hope there a way of not doing it manually.

Thanks,

Andy
5 REPLIES
Steven E. Protter
Exalted Contributor

Re: /etc/passwd to LDIF

Shalom,

Identify the format that the Red Hat LDAP server can import and then write a littl awk script to write a file in the appropriate format.

There are a lot of more slick ways to do this but.

while read -r DL
do
username=$(awk -F: '{ print $1 }')
numuser=$(awk -F: '{ print $3 }')
groupid=$(awk -F: '{ print $4 }')
# repeat for other fields.
DO="${username},${numuser},${groupid}"
echo DO >> /tmp/exportfile

done < /etc/passwd


I bet someone can do this totally with awk and no while loop.

awk -F: '{print $1 $3 $4 $5}' steve

steve being a copy of /etc/passwd.

Add a little formating and you are done.

SEP

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Andrey T.
Occasional Contributor

Re: /etc/passwd to LDIF

Thanks, Steve.

Isn't there any way to import the user's passwords as well? And if not with Red Hat Directory Server, then might be that OpenLDAP can do this? I would prefer to reinstall the LDAP server with different brand than to set those 3000 passwords manually :-(

Andy
Steven E. Protter
Exalted Contributor

Re: /etc/passwd to LDIF

Shalom,

Passwords are encrypted, and I do not believe they can be exported. Normally the procedure for such a situation would be to set the users with new temporary passwords in the LDAP server.

This is better handled via procedures.

Could you crack the user passwords? Probably, but it could take weeks and would violate many good practices.

More awk fun.
awk -F: '{printf("%8s %5s %4s\n",$1,$3,$4)}' steve

I'm in serious awk mode today. The weather in Toledo is awkful.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Steven E. Protter
Exalted Contributor

Re: /etc/passwd to LDIF

Shalom,

I've done a bit of LDAP scripting in the past.

It actually is possible to do a script that resets the password, and emails the user a temporary password and instructions.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Weltman, Ulf
Valued Contributor

Re: /etc/passwd to LDIF

Hello Andy. You can use the script /opt/ldapux/migrate/migrate_passwd.pl supplied by the LDAP-UX product for this. LDAP-UX is probably already present on your system, but if not, you can pick it up here:
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4269AA

Red Hat DS 8.0 and HP-UX DS 8.1 support crypt password hashing and the migrate_passwd.pl script will migrate passwords by simply prefixing the hash with {crypt}. Crypt passwords might not be portable across platforms, in particular Linux doesn't use traditional UNIX crypt, but crypt values from passwd on HP-UX to RHDS 8.0 on HP-UX should be fine.