On 04/06/13 14:53, Emmanuel Lécharny wrote:
Le 6/4/13 8:36 AM, Titus Rakkesh a écrit :
Dear All,
Hi,
We have a live application which was running in iPlanet directory
server for the last 5 years and the LDAP is having around 3 million user
info stored in. Currently we are in a need of getting the clone of that
LDAP and migrate to ApacheDS 2.0 one. Simply saying our requirement is to
migrate all objects(schemas, roles, administrator accounts, Full User Store
data and everything) to ApacheDS. After the migration, we should be able to
redirect the application requests to the new LDAP without changing
application code.
Pls direct us how we can do this?
The first thing is to see if the schema you are using on iPlanet is
compatible with ApacheDS schema. This may require a bit of tuning. The
second step would be to inject the 3 millions of entries into apacheds,
which may take a while, with the current version (expect around 5 to 20
hours, depending on which kind of disk and system you use).
I migrated a fairly complex iPlanet directory to apacheDS 1.5 several
years ago.
I clearly and painfully remember the most difficult task was setting up
new ACI's to properly replicated all the different permissions I had in
the iPlanet directory. The syntax and semantics are very different. I
did all my setup by creating individual ldif files, so that I could
experiment and test the outcome of the rules one by one.
I already had all of my custom schema definitions as ldif's. Many of
them did not translate easily from iPlanet, but I could convert,
experiment and test those one by one too.
Studio might be good for moving the people entries, but I recommend
building a set of ldifs to create the tree structure.
I can remember having issues with some groups too, but nothing was too
difficult to convert successfully.
My original iPlanet directory used master-slave replication. ApacheDS
1.5 didn't have this feature working at the time, so I reverted to a
single master directory and implemented a snapshot backup regime. I have
not felt the need to experiment with replication on the 2.0 milestones.
In fact, I haven't yet felt the need to upgrade to 2.0, although I'm
watching each milestone with interest and intend to use it soon.
I preferred to move from one java directory implementation to another.
At the time, I didn't feel conversion to openldap would have been any
simpler - although I can't be certain that I was correct.
Good luck,
Brian
Will this possible with Apache Directory Studio Tool?
Ldap Studio is just an agnostic LDAP tool, so yes, it should be possible.
You may talk to Kiran (see
http://directory.apache.org/commercial-support.html) if you need some
quick help.
