
User Migration to LDAP

bfrench
Advisor

User Migration to LDAP

Has anyone ever had to migrate users? We are preparing for an LDAP installation and we have the same users on different servers with different UIDs. I'd like to get this all fixed prior to moving to LDAP. I will also need to fix a few other UIDs like Oracle, :-( , not looking forward to testing that one. Anyway ... So I have 5 HP servers and two base applications (SAS, Oracle). It is not necessary for all users to be on all servers, just SAS users on the SAS server and Oracle users on the Oracle server, with the exception of about 10 application accounts which are on all servers. I'd like to create a master passwd file and then update from it. All ideas and suggestions will be greatly appreciated.

Thanks,
Brian
6 REPLIES
James R. Ferguson
Acclaimed Contributor

Re: User Migration to LDAP

Hi Brian:

Aligning UIDs (and/or GIDs) with their mapped names is really a matter of finding and changing the numeric values (carefully in all places) to match a modified login database. To this end, 'find' is your friend:

# find / -nouser
# find / -nogroup
# find / -user 1234
# find / -group 333

Having evaluated that (for example) user (uid) "1234" can safely have its files and directories changed to uid=5678, you can do:

# find / -user 1234 -exec chown 5678 {} \+

Regards!

...JRF...
bfrench
Advisor

Re: User Migration to LDAP

I ran that command last year on a test server and it seemed to run forever. I also tried to use SAM. It also took a very long time. I'm not in a big rush to get this done, but are there any better tools?

Thanks,
Brian
bfrench
Advisor

Re: User Migration to LDAP

Also, are you aware of any danger in changing Oracle's UID?
James R. Ferguson
Acclaimed Contributor
Solution

Re: User Migration to LDAP

Hi (again) Brian:

Most certainly, running 'find' and visiting (and internally stat()ing) EVERY directory and file found is very performance intensive!

If at all possible, specify only the directories or mountpoints that you know hold items of interest:

# find /app /oracle /home -user 1234 ...

I would actually suggest that you output the names of the files and directories that need to be changed into a file that you can edit to actually execute 'chown' commands.

Regards!

...JRF...
bfrench
Advisor

Re: User Migration to LDAP

Thanks James,

I will try this on our test server and let you know how things work out. And yes, I will produce a file that I can run the chown against.

Thanks for your help

Brian
bfrench
Advisor

Re: User Migration to LDAP

I was able to combine the two examples to get the command to run very fast.

find /sas/sasuser /tmp -user 563 -exec chown 1563 {} \+

Thanks so much for your help.
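
For the preparation step in the original question (finding which logins have different UIDs on different servers before building a master passwd file), here is an added example that is not from any post in this thread. It assumes each server's /etc/passwd has been copied to a file named <host>.passwd; the function names, host names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example. uid_conflicts FILE...: each FILE is a copy of one server's
# /etc/passwd saved as <host>.passwd (naming convention assumed here).
# Output, one sorted line per problem:
#   NAME <login> <host>=<uid> ...  login has different UIDs across hosts
#   UID <uid> <login> ...          one UID is used by different logins
uid_conflicts() {
    awk -F: '
        FNR == 1 { host = FILENAME; sub(/.*\//, "", host); sub(/\.passwd$/, "", host) }
        /^#/ || NF < 7 { next }               # skip comments and malformed lines
        {
            name = $1; uid = $3
            if (!((name, uid) in seen)) {      # first sighting of this login/UID pair
                seen[name, uid] = 1
                nuids[name]++
                nnames[uid]++
                logins[uid] = logins[uid] " " name
            }
            where[name] = where[name] " " host "=" uid
        }
        END {
            for (n in nuids)  if (nuids[n] > 1)  print "NAME " n where[n]
            for (u in nnames) if (nnames[u] > 1) print "UID " u logins[u]
        }
    ' "$@" | sort
}

# Constructed sample data: two hosts, reusing the thread's 563 and 1563.
write_samples() {
    cat > "$1/sas1.passwd" <<'EOF'
root:x:0:3::/:/sbin/sh
oracle:x:101:200:Oracle:/home/oracle:/usr/bin/sh
jdoe:x:563:20:J Doe:/home/jdoe:/usr/bin/sh
sasadm:x:1563:20:SAS admin:/home/sasadm:/usr/bin/sh
EOF
    cat > "$1/ora1.passwd" <<'EOF'
root:x:0:3::/:/sbin/sh
oracle:x:205:200:Oracle:/home/oracle:/usr/bin/sh
jdoe:x:1563:20:J Doe:/home/jdoe:/usr/bin/sh
EOF
}

demo=${TMPDIR:-/tmp}/uidaudit.$$
( umask 077; mkdir "$demo" ) || exit 1      # mkdir fails if the name already exists
write_samples "$demo"
uid_conflicts "$demo/sas1.passwd" "$demo/ora1.passwd"
rm -rf "$demo"
```

A UID line means the number is already taken on some server, so a chown to it there would hand the files to a different account; settle the master UID list first. Where shadow passwords are not in use, the collected passwd copies contain password hashes and should be stored accordingly.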