We are trying to move our servers off a very old version of iplanet (circa 2002) to 389 DS. The data in both ldaps is almost identical, except that there was some stuff in the iplanet that couldn't convert over to 389. I'm not sure exactly what wouldn't convert, except that I couldn't do an export of the iplanet database and import into 389, instead did an ldif.
Everything we have converted so far (RHEL 4,5,6 and Solaris 10) has gone over successfully, but I'm running into problems with some old Solaris 9 servers. They seem to be connecting successfully to the ldap, but not pulling back a password. getent passwd shows the list of users in the ldap, and I can su from root to my user account. When I have su'ed to my account, groups shows all the groups that I have in my ldap account on the new DS. I noticed this in the ldap logs, but I don't know what SolarisAuditUser means -- [13/Apr/2013:23:42:07 -0500] conn=2042387 op=1 SRCH base="ou=people,dc=mycompany,dc=com" scope=2 filter="(&(object Class=SolarisAuditUser)(uid=ejones))" attrs="uid SolarisAuditAlways SolarisAuditNever" Is anyone familiar with this? thanks - EJ -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
