/posix2ldap

Migration of POSIX databases to OpenLDAP

Primary LanguageGoGNU General Public License v3.0GPL-3.0

posix2ldap

Unit tests

Migration of POSIX databases to OpenLDAP.

Description

This is a CLI to migrate users and groups from a Linux POSIX database to a OpenLDAP server by creating LDIF files.

It is mostly based on the migrationtools code, more specifically the migrate_common.ph, migrate_group.pl and migrate_passwd.pl. Although the code from there is pretty archaic (even for Perl long tradition of backwards compatibility), the definitions for OpenLDAP seems to be pretty solid though.

This CLI does not supports Samba or NIS handling, only the regular files to manage users and groups (/etc/passwd and /etc/group).

This CLI does supports /etc/gshadow, which is not included in the migrationtools already mentioned files.

Requirements

The minimal expected schemas to be available in the OpenLDAP server are:

  • cosine
  • nis
  • inetorgperson
  • misc

Usage

See the CLI program help:

$ posix2ldap --help
Usage of ./posix2ldap:
  -base-dn string
        Specify the base DN, default to dc=foobar,dc=org (default "dc=foobar,dc=org")
  -dns-domain string
        Specify the DNS domain to use, default to foobar.org (default "foobar.org")
  -ignore-gid-above int
        Specify the maximum GID to consider retrieving, default is 2000 (default 2000)
  -ignore-gid-below int
        Specify the minimum GID to consider retrieving, default is 1000 (default 1000)
  -ignore-uid-above int
        Specify the maximum UID to consider retrieving, default is 2000 (default 2000)
  -ignore-uid-below int
        Specify the minimum UID to consider retrieving, default is 1000 (default 1000)
  -mail-host string
        Optional, define inetLocalMailRecipient attributes if provided
  -save-to string
        Optional, path to a file to save LDIF result if provided
  -use-extended
        Uses the LDAP inetOrgPerson class for extended attributes, otherwise Account will be used by default

Development requirements

  • see go.mod for minimum Golang version and modules required to compile and run tests.
  • GNU Make.
  • golangci-lint is required to run validations.

See the Makefile for the available targets.

Install

See the project releases to download the binary.

References