We have an existing Sun DS(6.3 version) in Solaris that we are planning to migrate to ODSEE in Linux and have couple of questions regarding the migration.
Based on readings, I think LDIF option is the best one, but the question is about the passwords. The passwords are in SSHA format and we would like to preserve the same passwords. If we do LDIF export/import, would that work? The users need to be able to use the same passwords. What are the things I need to do to make sure the passwords are migrated properly?
Thanks.
Yes, Sun Directory Server (all versions, including ODSEE) will import and preserve hashed passwords. The same is true for OpenDJ which was initially designed (as the OpenDS project) to replace Sun DSEE.
Related
I started learning Openldap 2.4, but I faced some concepts that I couldn’t understand well based on official administration guide. So I’m addressing those questions to the community in hope to find some good explanations.
The first question is what the difference between backbends and databases in Openldap? Also in documentation I found something very confusing, for example in the backbends section, I tried to create an ldap backend with those instructions.
database ldap
suffix "dc=suretecsystems,dc=com"
rootdn "cn=slapd-ldap"
uri ldap://localhost/ ldap://remotehost ldap://remotehost2
After altering my configuration directory, I found olcDatabase={1}ldap.ldif file created in cn=config folder, and no back-ldap module has been created.
Another question, is about multiple databases definition in Openldap server, if I created two databases (for example an hdb and mdb database). How a query from Ldap client is handled by the server? The data are fetched from the both databases defined with an specific order, or there is a way to chooses which database we want to interact with?
And finally, why in official administration guide we still find slapd.conf configuration style while it is deprecated? Is there any updated guide?
Thanks!!
This question already has an answer here:
Forgot the username and password of *fdb (firebird) database. Is there anyway I can crack this database?
(1 answer)
Closed 4 years ago.
I got a computer which has already installed Firebird database 2.0. And now I need to open fdb files which are Firebird database files just on this computer. So what I need is to get the password of Firebird server.
I've tried the default user and password :SYSDBA and masterkey and it doesn't work.
I've also tried to copy the fdb files to another computer on which I installed the same version Firebird. Those files can be opened on that computer, but what I need is to get the username and password and connect to database on this machine rather than open on another computer.
Error: Your user name and password are not defined.Ask your database
administrator to set up a Firebird login.
I will assume you computers run under Microsoft Windows.
Things are a bit different in UNIX w.r.t. location of security database and details of using Embedded edition of FB.
However before the question got edited Windows was specified: https://stackoverflow.com/revisions/53881670/1
I've tried the default user and password :SYSDBA and masterkey and it doesn't work.
In which program?
If there is some 3rd-party application its login/password pairs might well be different from ones of the Firebird server itself.
security2.fdb in the Firebird 2.x installation folder contains users and password hashes.
So, depending upon what you actually need, you have two ways:
Remove all passwords, except for SYSDBA/masterkey. That is: remove the Firebird. Ensure that "security database" was removed too (if not - rename it or move to another folder). Reinstall Firebird afresh. Would let you peep into the database using development tools (IBExpert/FlameRobin/FirebirdMaestro and so forth) but would probably screw any 3rd-party applications that used that database (as that application's users would be no more existing in the FB server).
Clone users/passwords from old computer to new one. That is, after installing matching Firebird versions on both computer you would have to STOP the FB service on both computer, then copy the "security database" from old to new computer, then START the FB service on both computers.
This would probably make the 3rd party application work, but not let you use SYSDBA/masterkey with development tools.
In both cases you would also have to look into UDF sub-folder in Firebird installations - if there are some non-standard plugin DLLs there you might need to copy them to the new Firebird installation too, as some parts of the database might be dependent upon those (or not, but you do not know before you open the database).
Actually, there might be yet another route for a short-term peeping into the database. Download and unpack Firebird 2 Embedded edition. STOP (temporarily or even forever) the normal Firebird service on that computer (so the database file would no more be locked). Use the embedded Firebird (fbEmbed.dll) as the "client library" in one of the aforementioned developer tools. With Embedded server editions user password just does not matter.
So, our employees use the Zimbra OpenLDAP, however, since this doesnt include PosixAccount we cant automatically link it to our Synology.
So my boss wanted me to create an OpenLDAP Database, and automatically import the Users from the ZimbraLDAP every 6 hours or so and link our Synology to this new OpenLDAP, which would also be a safe enviroment for our inters to work with LDAP.
Before you ask, I cant change the Zimbra OpenLDAP for varanty reasons.
So everything worked splendidly, the User where imported and the Synology could finally see these users. However, the password did not work. After looking over the export files i realized that Zimbra uses SSHA512 to hash the passwords, which isnt recognized by my OpenLDAP.
However, i cant seem to find any way of installing patches for it, since apparently OpenLDAP changed its structure and every information i found was outdated.
Does anybody know of an easy way to teach OpenLDAP SSHA512 with a recent installation?
I have this scenario where I want to make hive jdbc connections using multiple users/principals. I can get multiple KERBEROS tickets and store them in different cache files. For example one could be in /tmp/ticket1 and the other in /tmp/ticket2. However, when I execute the beeline how do I specify which ticket to use. I want to run queries as different users.
AFAIK you can't. The whole Hadoop ecosystem assumes that you use a ticket cache in the default location - even legitimate KRB5 environment variables are ignored (or just mess with some hardcoded defaults somewhere).
On my current assignment I had to develop a crude "Beeline emulator" in plain Java to handle that issue. It took me weeks to troubleshoot the KRB and the GSS configuration issues, including weird syntax inconsistencies between various versions of OpenJDK and Sun JRE (plus Linux vs. Windows), but finally I got it working.
And no, I will never share it with anyone outside of my Big Corp client with Big Lawyer staff...
We in our team are planning to use gerrit. So, to get introduced, I did set up a server, used open-id for authentication and created some test-users and test-projects in it.
Now we are ready to use it. But we actually prefer LDAP for real use.
So, can I change my authentication system from open-id from LDAP? What will happen to current users then?
I want to clear test projects and changes. How can I do them?
Can I complete delete existing gerrit setup and initiate a fresh setup in same machine? (I tried extracting the jar in different folder, but I faced some problems in it)
I am using Ubuntu 12.04 as my server.
Please help.
Delete the database (you're not using the H2 database anymore, but some MySQL or PostgreSQL server, don't you?) plus the directory where Gerrit is running (the -d parameter, see docs). Additionally, remove the git repos, if you configured them to be located on a different path.
Then all your data is gone and you can start from scratch.