
Zentyal Ebox 1.4 > 2.2

Author: Robert (Ian) Cami


ZENTYAL UPGRADE from version 1.4 to version 2.2

1. LDIF file import/export tool:

  • Apache Directory Studio is convenient for importing, exporting and editing LDIF files.
  • It can be installed on Windows, Linux and Mac clients.
  • Create two connection files: one for the connection to the server for exporting LDAP to an LDIF file, and a second for the connection used to import the LDIF file into the LDAP of the new server.
  • In the connection file you have to use the root DN definitions: the login account and the password for that account.

Example root DN:
cn=ebox,dc=schoolserver,dc=hfamilie
schoolserver and hfamilie are, respectively, the hostname and domain name of the server.
The root DN credentials are found on the server through the Webmin LDAP server configuration or through the Zentyal web GUI under Users and Groups - LDAP settings.
These settings are server-specific and thus different for each server.

2. Main differences between Ebox 1.4 and Zentyal 2.2:

  • Operating system: Ubuntu 8.04.3 for Ebox 1.4, Ubuntu 10.04 for Zentyal 2.2.
  • Home directory structure: /home/samba/users/username in Ebox 1.4, /home/username in Zentyal 2.2.
  • LDAP active directory structure.

3. Upgrade scenario:

SERVER WITH ZENTYAL 1.4

  • Back up the data through Webmin.
  • Export the LDAP definitions to an LDIF file with the Apache Directory Studio tool.
  • You can also export the LDAP settings with the slapcat command. However, this backs up the full LDAP tree. Since the LDIF needs editing, a lot more has to be edited to get a usable LDIF file to import on the new server. Command: slapcat -l bschool.ldif (bschool.ldif is the LDIF file with the active directory backup).
  • Edit the LDIF file for each user, group and computer account.
  • Adjust the DN definitions dc=schoolserver,dc=hfamilie.
  • Add quota and objectClass: systemQuotas.
  • Also edit the Domain Users block.
  • If there is a user with admin permissions, also edit the Domain Admins block and the Administrators block.
  • See the LDIF example.
  • Adjust the path to the users' directory.
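
The edits listed above (new DN suffix, quota plus objectClass: systemQuotas on user entries, home directory moved to /home/username) can be scripted rather than made by hand for every account. The following Python script is an added example, not part of the original page or of Zentyal; the function names, the old suffix dc=oldserver,dc=example and the sample accounts are assumptions, and it treats entries under ou=Users as user accounts, as in the example LDIF on this page.

```python
import re

OLD_HOME = re.compile(r"^/home/samba/users/([^/]+)$")  # Ebox 1.4 layout, per the page
LINE = re.compile(r"([^:]+)(::?)\s*(.*)")              # attr, ':' or '::' (base64), value

# Constructed sample export; the old suffix and the account names are made up.
SAMPLE = """\
dn: uid=alice,ou=Users,dc=oldserver,dc=example
objectClass: posixAccount
homeDirectory: /home/samba/users/alice
description: value the exporter fol
 ded onto two lines

dn: uid=pc01$,ou=Computers,dc=oldserver,dc=example
objectClass: posixAccount
homeDirectory: /dev/null
"""

def parse_entries(text):
    """Unfold continuation lines, split on blank lines; each entry is [[attr, sep, value], ...]."""
    blocks = re.split(r"\n\s*\n", re.sub(r"\r?\n ", "", text).strip())
    parsed = [[list(m.groups()) for m in map(LINE.match, b.splitlines())
               if m and not m.group(0).startswith("#")] for b in blocks]
    return [e for e in parsed if e and e[0][0].lower() == "dn"]

def migrate(text, old_suffix, new_suffix, quota):
    """Apply the page's edits: new DN suffix, /home/<user> paths, quota + systemQuotas on users."""
    out = []
    for entry in parse_entries(text):
        dn = entry[0]  # base64-encoded DNs ('dn::') are left untouched
        if dn[1] == ":" and ("," + dn[2].lower()).endswith("," + old_suffix.lower()):
            dn[2] = dn[2][: -len(old_suffix)] + new_suffix
        if ",ou=users," in dn[2].lower():  # computer accounts get no quota
            for line in entry:
                if line[0].lower() == "homedirectory":
                    line[2] = OLD_HOME.sub(r"/home/\1", line[2])
            have = {(a.lower(), v.lower()) for a, _, v in entry}
            if not any(a == "quota" for a, _ in have):
                entry.append(["quota", ":", str(quota)])
            if ("objectclass", "systemquotas") not in have:
                entry.append(["objectClass", ":", "systemQuotas"])
        out.append("\n".join(f"{a}{s} {v}" for a, s, v in entry))
    return "\n\n".join(out) + "\n"

if __name__ == "__main__":
    print(migrate(SAMPLE, "dc=oldserver,dc=example", "dc=schoolserver,dc=hfamilie", 1000))
```

The output is written unfolded (long lines are not re-wrapped), and running it a second time on its own output changes nothing.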

NEW SERVER WITH ZENTYAL 2.2

  • Install a vanilla Ubuntu Server 10.04 LTS, Remastersys, GParted, phpMyAdmin, Webmin, GNOME core, Firefox, Zentyal communication and Zentyal office.
  • Activate and select the Zentyal modules you want to use on your server. Configure the modules through the Zentyal web GUI.
  • Create the shares through the Zentyal web GUI.
  • Restore the data through Webmin.
  • Move the directories from /home/samba/users/username to /home/username.
  • Delete the directory /home/samba/users.
  • Import the LDIF file with Apache Directory Studio.
  • Set user and group permissions on the shares through the Zentyal web GUI.

4. Example edited ldif file

In the example the following definitions are edited:

  • schoolserver (hostname of the server)
  • hfamilie (domain name)
  • dominique (user)
  • nadine (user)
  • bs007$ (computer account)
  • bs017$ (computer account)
  • administrator (user with admin rights)
  • directie (group for management users)
  • The blocks concerning Domain Users and the admins are edited too.
  • All other blocks in the exported LDIF are removed.
  • The edited parameters are marked with underscores (__) before and after the parameter. These underscores obviously should not be in the LDIF file; they are there solely to identify the parameters in this example.
  • These changes must be made for ALL users, groups and computer accounts.

Example edited ldif file

dn: cn=Domain Users,ou=Groups,__dc=schoolserver,dc=hfamilie__
cn: Domain Users
gidNumber: 513
sambaGroupType: 2
displayName: Domain Users
objectClass: posixGroup
objectClass: sambaGroupMapping
sambaSID: S-1-5-21-3818554400-921237426-3143208535-513
objectClass: eboxGroup
memberUid: dominique
memberUid: nadine

dn: uid=dominique,ou=Users,__dc=schoolserver,dc=hfamilie__
cn: dominique bombey
uid: dominique
sn: bombey
uidNumber: 2001
gidNumber: 1901
__quota: 10000__
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
__objectClass: systemQuotas__
objectClass: sambaSamAccount
eboxSha1Password: {SHA}8xN5GuBp7VksNcSDs9T40qdKdLI=
eboxMd5Password: {MD5}vmC0MaRvzHv17k93Epk+Ow==
eboxLmPassword: 174BD4931CD0636E514C3859A341551D
eboxNtPassword: 7C333054B3A4A064F23FBEE398004B59
eboxDigestPassword: {MD5}nEr38axycjnpmWjLkTU+lA==
eboxRealmPassword: {MD5}9c4af7f1ac727239e99968cb91353e94
givenName: dominique
sambaPwdCanChange: 0
sambaLogoffTime: 2147483647
sambaLogonTime: 0
sambaAcctFlags: [U]
sambaKickoffTime: 2147483647
sambaPwdMustChange: 2147483647
loginShell: /bin/false
sambaPrimaryGroupSID: S-1-5-21-3818554400-921237426-3143208535-513
__homeDirectory: /home/dominique__
sambaSID: S-1-5-21-3818554400-921237426-3143208535-5002
description: directeur
sambaHomeDrive: H:
sambaNTPassword: 24EC7FD8304D5E08515964EDFA477A0C
sambaPasswordHistory:
 00000000000000000000000000000000000000000000000000000000
 00000000
sambaPwdLastSet: 1290161556
userPassword:: cmFmYw==
sambaHomePath: \\schoolserver\homes\dominique

dn: uid=nadine,ou=Users,__dc=schoolserver,dc=hfamilie__
cn: nadine van bueren
uid: nadine
sn: van bueren
uidNumber: 2002
gidNumber: 1901
userPassword:: e1NIQX1veUM2ZUNXUjY1NjJkd21WYXJ3MjYyNzdWK1U9
__quota: 1000__
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
__objectClass: systemQuotas__
objectClass: sambaSamAccount
eboxSha1Password: {SHA}oyC6eCWR6562dwmVarw26277V+U=
eboxMd5Password: {MD5}j1yFNWY5FgLxpWswXh2c1Q==
eboxLmPassword: 4C576D0719F2BE82AAD3B435B51404EE
eboxNtPassword: EF12CFEF8A0D2DEE78D98644CA009307
eboxDigestPassword: {MD5}gb7vSsiqJZDderSFCV1jgA==
eboxRealmPassword: {MD5}81beef4ac8aa2590dd7ab485095d6380
givenName: nadine
sambaPwdCanChange: 0
sambaLogoffTime: 2147483647
sambaLogonTime: 0
sambaAcctFlags: [U]
sambaPasswordHistory:
 00000000000000000000000000000000000000000000000000000000
sambaKickoffTime: 2147483647
sambaPwdLastSet: 1272118885
sambaPwdMustChange: 2147483647
loginShell: /bin/false
sambaPrimaryGroupSID: S-1-5-21-3818554400-921237426-3143208535-513
sambaLMPassword: 4C576D0719F2BE82AAD3B435B51404EE
sambaNTPassword: EF12CFEF8A0D2DEE78D98644CA009307
__homeDirectory: /home/nadine__
sambaSID: S-1-5-21-3818554400-921237426-3143208535-5004
description: secretariaat
sambaHomeDrive: H:
sambaHomePath: \\schoolserver\homes\nadine

dn: uid=administrator,ou=Users,__dc=schoolserver,dc=hfamilie__
cn: administrator administrator
uid: administrator
sn: administrator
uidNumber: 2069
gidNumber: 1901
__quota: 100__
userPassword:: e1NIQX1FdWtwUHNhekRIK29vSkpxOUNnSDZTbkJhRTg9
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: passwordHolder
__objectClass: systemQuotas__
objectClass: sambaSamAccount
eboxSha1Password: {SHA}EukpPsazDH+ooJJq9CgH6SnBaE8=
eboxMd5Password: {MD5}aEyFGvWZZbaACGt7SJb/mA==
eboxLmPassword: 663B1F156A0F44BFAAD3B435B51404EE
eboxNtPassword: 12136C7DD697DD0DFBC33AE2E5795D93
eboxDigestPassword: {MD5}oLaDkolZbnRp4f0adLv+LA==
eboxRealmPassword: {MD5}a0b6839289596e7469e1fd1a74bbfe2c
givenName: administrator
sambaPwdCanChange: 0
sambaLogoffTime: 2147483647
sambaLogonTime: 0
sambaAcctFlags: [U]
sambaPasswordHistory:
 00000000000000000000000000000000000000000000000000000000
sambaKickoffTime: 2147483647
sambaPwdLastSet: 1272118899
sambaPwdMustChange: 2147483647
loginShell: /bin/false
sambaPrimaryGroupSID: S-1-5-21-3818554400-921237426-3143208535-513
sambaLMPassword: 663B1F156A0F44BFAAD3B435B51404EE
sambaNTPassword: 12136C7DD697DD0DFBC33AE2E5795D93
homeDirectory: /home/administrator
sambaSID: S-1-5-21-3818554400-921237426-3143208535-5138
description: Server beheerder
sambaHomeDrive: H:
sambaHomePath: \\schoolserver\homes\administrator

dn: cn=Domain Admins,ou=Groups,__dc=schoolserver,dc=hfamilie__
cn: Domain Admins
gidNumber: 512
objectClass: posixGroup
objectClass: sambaGroupMapping
objectClass: eboxGroup
memberUid: administrator
sambaSID: S-1-5-21-3818554400-921237426-3143208535-512
sambaGroupType: 2
displayName: Domain Admins

dn: cn=Administrators,ou=Groups,__dc=schoolserver,dc=hfamilie__
cn: Administrators
gidNumber: 544
objectClass: posixGroup
objectClass: sambaGroupMapping
objectClass: eboxGroup
memberUid: administrator
sambaSID: S-1-5-32-544
sambaGroupType: 2
displayName: Administrators

dn: cn=directie,ou=Groups,__dc=schoolserver,dc=hfamilie__
cn: directie
gidNumber: 2001
objectClass: posixGroup
objectClass: sambaGroupMapping
objectClass: eboxGroup
description: directie
sambaSID: S-1-5-21-3818554400-921237426-3143208535-5003
sambaGroupType: 2
displayName: directie
memberUid: dominique

dn: uid=bs017$,ou=Computers,__dc=schoolserver,dc=hfamilie__
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: sambaSamAccount
cn: bs017$
uid: bs017$
uidNumber: 2070
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
sambaSID: S-1-5-21-3818554400-921237426-3143208535-1001
displayName: BS017$
sambaAcctFlags: [W     ]
sambaNTPassword: B8B443966D815ACD091D398B6D8B06A5
sambaPwdLastSet: 1316949519

dn: uid=bs007$,ou=Computers,__dc=schoolserver,dc=hfamilie__
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: sambaSamAccount
cn: bs007$
uid: bs007$
uidNumber: 2072
gidNumber: 515
homeDirectory: /dev/null
loginShell: /bin/false
description: Computer
gecos: Computer
sambaSID: S-1-5-21-3818554400-921237426-3143208535-1002
displayName: BS007$
sambaAcctFlags: [W      ]
sambaNTPassword: 6CE64C4F5DAF5BB90994E530439F2631
sambaPwdLastSet: 1317108391

5. Apache Directory Studio

Define the connection to the server

Give the connection a name.
Fill in the hostname of the server to connect to.
Click Next.

Fill in the bind DN parameters, i.e. the root DN definitions: cn=ebox,dc=schoolserver,dc=hfamilie
Fill in the bind password.
Click Finish.
These parameters are server-specific. You can find them in the Zentyal web GUI under Users and Groups / LDAP settings.
You can also find these parameters through Webmin: System > LDAP Client > LDAP server configuration.

Import the LDIF file into LDAP

Select LDIF into LDAP.
Click Next.

Click Browse and select an LDIF file.

Select the LDIF file for import.
Click Open.

Click Browse for the field 'Import into'.

Select the connection file for the server to import the file into.
Click OK.

Select Options as in the picture.
Click Finish.
The LDIF file will be imported into the LDAP of the server.

Export LDAP settings to the LDIF file

Select LDAP to LDIF.
Click Next.

Browse for the connection.

Select a connection file and click OK.

For Search Base, select the DC parameters, in this example dc=schoolserver,dc=hfamilie.
Click Browse.

Click the + of the field dc=schoolserver,dc=hfamilie.

Click OK.

In the section Scope, select Subtree.
Click Next.

Click Browse to select the LDIF file.

Name the LDIF file and click 'Save'.

Click Finish.
The export will be processed.
