The Solaris ISP Server Directory Services component contains tools for converting existing user data into entries in the directory service. You can export existing data, for example, from a database, NIS, or another LDAP directory into a structured text file, then use the sispload tool to convert the data into an ldif file that can be used with ldapmodify.
The file /etc/opt/SUNWconn/ldap/current/mapping/sispload.mapping contains tables for mapping input data into one of four types of user entry:
The sisp
table creates ispSubscriber
entries.
The sisprad
table creates ispSubscriber
entries with the remoteUser
object class for RADIUS authentication.
The sispsims
table creates ispSubscriber
entries with the emailPerson
object class for use with Sun Internet Mail Server software.
The sispradsims
table creates ispSubscriber
entries with the emailPerson
and remoteUser
object classes for use with Sun Internet Mail Server software and RADIUS authentication.
Export your existing user data to a text file (the "input file") with one user on each line.
You may need to edit the text file to get the data in the correct order and to use the proper field separator. If possible, arrange the data in the order described in Step 2 to reduce the amount of manual editing required.
An example input file is provided in /opt/SUNWisp/ldap/sunds/examples/sispload.input.
Edit the input file to use the proper field separator and to arrange the fields in the order expected by sispload.
By default, fields must be separated by an exclamation point (!). To change the field separator, see the sispload.mapping(4) manual page.
The order of the fields for the sisp
table is described below. If you wish to use the sisprad
, sispsims
, or sispradsims
tables, consult the sispload.mapping(4) manual page.
Each line should have the following fields in this order (optional fields with no data may be left blank, but a field separator is still required; see the sispload.mapping(4) manual page for details):
!LastName!FirstName!Nickname!Username!Password!DomainName!\ E-mailAddress!Services!UID!GID!ContentDirectory!
The Services
and ContentDirectory
fields may not exist in your current user database. Creating data for these fields is explained in Step 3.
Here is a sample input line with the Password
field left blank (the Username
will be entered as the password by sispload):
!Smith!Joseph!Joe!jsmith!!myIsp.net!jsmith@pop.myIsp.net!\ ispVersion=1.0,ou=SUNWftp,ou=Services,o=myIsp,c=us!\ 90981!100!jsmith/public_html!
Since the Services
and ContentDirectory
fields may not exist in your existing data, you may need to edit the input file to add these fields.
The Services
field should contain the distinguished name of each ispService
entry representing a service the user is allowed to access (for example, FTP or news). For each service, the distinguished name must include the ispVersion
attribute, an ou
entry with the service ID, and a relative distinguished name from the root of the tree to an ou=Services
node. For example:
ispVersion=1.0,ou=SUNWftp,ou=Services,o=myIsp,c=us
The ContentDirectory
field specifies a directory where the user may store personal files such as web pages. The sispload.mapping file specifies "/home" as the default root, and the value in the ContentDirectory
field is appended to create the value of the ispContentDirectory
attribute for the ispSubscriber
. Note that the ispContentDirectory
is relative to the ispDirectoryRoot
of an ispService
entry that makes use of it. Edit sispload.mapping to use a different default root.
Run /opt/SUNWisp/ldap/sunds/sbin/sispload with the input file to create an ldif file.
The sispload command takes the following arguments:
sispload [[-b baseDN]] [[-d debugLevel]] [[-h ldapHost]] [[-m mapFile]] [[-o outputFile]] [[-t mapTable]] [[-V variable=value...]]-f inputFile
Specifies the base distinguished name beneath which the user entries will be added. This argument is optional, and defaults to the primary naming context you specify at install time. You may want to specify a different domain in your directory tree (for example, "ou=subDomain,o=myIsp,c=US") .
Specifies the level of logging performed by the ldap server daemon (dsservd
). See the manual page for sispload(1M) for values.
Specifies the host name of the Solaris ISP Server directory server. By default, the host from which sispload is invoked is used.
Specifies the mapping file that contains the definitions for translating the input file into ldif entries. By default sispload.mapping in the directory /etc/opt/SUNWconn/ldap/current/mapping is used.
Specifies a prefix for creating files with the error and ldif output. By default, errors are sent to STDERR and the ldif output to STDOUT. If you specify a value here, two files will be created: outputFile.ldif and outputFile.err.
Specifies the table in the mapping file to use. By default, the sisp
table in the default mapping file is used; other options in the default mapping table are sisprad
, sispsims
, and sispradsims
.
Sets variables for use in the conversion. Repeat the -V flag to define multiple variables.
Specifies the full path name to the input file you have created. This option is required.
For example:
# cd /opt/SUNWisp/ldap/sbin # ./sispload -b o=myIsp,c=US -t sisprad -o /tmp/ldapusers -f /tmp/input.nis.txt |
Run /opt/SUNWconn/bin/ldapmodify with the ldif file you created to add the users to the directory.
For example:
# cd /opt/SUNWconn/bin # ./ldapmodify -D cn=admin,o=myIsp,c=US -w secret -f /tmp/ldapusers.ldif |
Examine the error output to see if any entries could not be added to the directory service.
The error output will contain ldif entries for users that could not be added to the directory. Usually the cause is a syntax error in the input file. You may want to extract these entries from the original input file, save them to a new file, fix the errors, and run sispload again.