Hi, I need to simulate an Active Directory server to an LDAP client application using OpenLDAP. I am only interested in retrieving users and groups from OpenLDAP, but I need the attributes to match those in AD. I have found a number of guides on how to migrate from AD to OpenLDAP, but my application is not quite this complicated. At least I don't think it is. Here's what I've got so far.

My AD server is Windows Server 2008. I have dumped an LDIF using ldifde:

    ldifde -d "CN=Users,DC=[domain],DC=com" -f export.ldif

This returns an LDIF of users and groups, which is what I want. I have set up OpenLDAP as suggested in numerous migration docs to include the core, cosine, and nis schemas. I am able to access the LDAP server and browse it using a manager DN and a clear-text password for now. I have attempted to import my LDIF using the following:

    ldapadd -H ldap://<server> -f export.ldif -x -D "cn=Manager,dc=[domain],dc=com" -W

The reply from the server is:

    ldapadd: Invalid syntax (21)
    additional info: objectClass: value #1 invalid per syntax

I believe this error is due to the second (#1) record in the LDIF, which is the first group and has an objectClass: group. "group" does not appear to be a defined object class in any of the aforementioned schemas. Can I obtain a schema for this LDIF? I can't find any docs on doing this or any schema files that contain this objectClass.

BTW, I am a complete LDAP newbie, so please forgive any terminology misuse, etc. Thanks!
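The rewrite the post is circling around, as an added example that is not part of the original post or of any OpenLDAP tooling: an ldifde export carries AD object classes (user, group, container) and AD-only attributes (objectSid, objectGUID, sAMAccountName, userAccountControl, memberOf, ...) that the stock core, cosine, inetorgperson and nis schemas do not define, so stock OpenLDAP refuses them. The script below parses the export (folded lines, base64 values), maps the AD classes onto OpenLDAP ones, keeps only attributes those classes permit, and fills in the attributes the target classes require. The class mapping (user to inetOrgPerson, group to groupOfNames, container to organizationalRole), the attribute allow-lists and the placeholder self-member for empty groups are assumptions, and the sample LDIF is constructed to look like ldifde output rather than taken from a real domain. The caveat for the poster's actual goal: if the client must see AD attribute names such as sAMAccountName, dropping them as this script does is not enough and a custom schema defining those attribute types has to be loaded into OpenLDAP instead.

```python
import base64

# Added example, not the poster's code. Assumed mapping from AD classes to
# the stock OpenLDAP (core/cosine/inetorgperson) classes the poster wants;
# use posixAccount/posixGroup from the nis schema instead if POSIX ids matter.
OBJECTCLASS_MAP = {
    "top": "top", "person": "person",
    "organizationalperson": "organizationalPerson",
    "user": "inetOrgPerson",            # AD 'user'
    "group": "groupOfNames",            # AD 'group' (the class ldapadd rejected)
    "container": "organizationalRole",  # the CN=Users container itself
}

# Attributes (lower-cased) kept per target structural class (assumed subset of
# what the classes permit). AD-only ones such as objectSid, objectGUID,
# sAMAccountName, userAccountControl, uSN*, memberOf are dropped on purpose.
ALLOWED = {
    "inetOrgPerson": {"cn", "sn", "givenname", "displayname", "mail",
                      "description", "telephonenumber", "title", "ou", "o"},
    "groupOfNames": {"cn", "description", "member", "ou", "o"},
    "organizationalRole": {"cn", "description", "ou"},
}


def parse_ldif(text):
    """Content LDIF -> list of entries, each a list of (attr, value) pairs.
    Unfolds continuation lines, decodes 'attr::' base64 values, skips '#'."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]            # folded line continues the previous
        else:
            lines.append(raw)
    entries, current = [], []
    for line in lines + [""]:               # trailing "" flushes the last entry
        if line.startswith("#"):
            continue
        if not line.strip():
            if current:
                entries.append(current)
            current = []
            continue
        name, _, rest = line.partition(":")
        if rest.startswith(":"):            # 'attr:: base64value'
            rest = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        current.append((name, rest.strip()))
    return entries


def convert_entry(entry):
    """Rewrite one AD entry for OpenLDAP; None if it has no mapped class."""
    dn = next((v for n, v in entry if n.lower() == "dn"), None)
    classes = []
    for n, v in entry:
        mapped = OBJECTCLASS_MAP.get(v.lower()) if n.lower() == "objectclass" else None
        if mapped and mapped not in classes:
            classes.append(mapped)
    structural = next((c for c in classes if c in ALLOWED), None)
    if dn is None or structural is None:
        return None
    out = [(n, v) for n, v in entry if n.lower() in ALLOWED[structural]]
    present = {n.lower() for n, _ in out}
    cn = next((v for n, v in out if n.lower() == "cn"), None)
    if structural == "inetOrgPerson" and "sn" not in present and cn:
        out.append(("sn", cn))      # person MUST sn; AD built-ins often lack it
    if structural == "groupOfNames" and "member" not in present:
        out.append(("member", dn))  # groupOfNames MUST member; placeholder (assumption)
    return [("dn", dn)] + [("objectClass", c) for c in classes] + out


def to_ldif(entry):
    """Serialise an entry, base64-encoding values LDIF cannot carry inline."""
    out = []
    for name, value in entry:
        if value.isascii() and value == value.strip() and not value.startswith((":", "<")):
            out.append(f"{name}: {value}")
        else:
            out.append(f"{name}:: {base64.b64encode(value.encode()).decode()}")
    return "\n".join(out) + "\n"


def convert_entries(text):
    """All importable entries of an AD export, in export order."""
    return [e for e in map(convert_entry, parse_ldif(text)) if e]


def convert_ldif(text):
    """AD export text in, OpenLDAP-ready LDIF text out."""
    return "\n".join(to_ldif(e) for e in convert_entries(text))


# Constructed sample in the shape of ldifde output; the base64 values are
# arbitrary bytes, not real SIDs or GUIDs.
SAMPLE_AD_LDIF = """\
dn: CN=Users,DC=example,DC=com
objectClass: top
objectClass: container
cn: Users

dn: CN=Domain Admins,CN=Users,DC=example,DC=com
objectClass: top
objectClass: group
cn: Domain Admins
member: CN=Administrator,CN=Users,DC=example,DC=com
sAMAccountName: Domain Admins
objectSid:: AQUAAAAAAAUVAAAAo5Ow3p+YRbiXcVa5AAIAAA==

dn: CN=Administrator,CN=Users,DC=example,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Administrator
description: Built-in account for administering the computer/dom
 ain
userAccountControl: 66048
memberOf: CN=Domain Admins,CN=Users,DC=example,DC=com

dn: CN=Empty Group,CN=Users,DC=example,DC=com
objectClass: top
objectClass: group
cn: Empty Group
"""

if __name__ == "__main__":
    print(convert_ldif(SAMPLE_AD_LDIF), end="")
```

Feed the output to the same ldapadd command as in the post. Entries are written in export order, so the CN=Users container (now an organizationalRole) has to precede its children, as it does in the sample; the first objectClass value of every group is now groupOfNames, so the "value #1 invalid per syntax" error no longer applies.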