StandaloneToLDAPClientMigration

Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.

Summary

The tool specified here will automate the process of migrating a normal standalone (fat-client) system to become an LDAP client. Existing user accounts will be migrated to the LDAP server and their home directories will be migrated to a centralized file server.

Rationale

It is common for small networks not to have network authentication or centralized file storage, and newbie Linux admins are understandably hesitant to jump immediately into such issues. But network authentication and file storage centralization are highly desirable attributes of a robust, well-managed network consisting of more than a handful of workstations. It will benefit Ubuntu to provide a tool to automate the process of migrating the users and data from a standalone system to an LDAP directory and centralized file server.

Use cases

  • A Linux newbie wants to try Ubuntu at work, where Active Directory is in use.
  • A system administrator wants to roll out Windows and Ubuntu clients side by side with single sign-on.

Scope

Goal: Automate Ubuntu systems' incorporation into any LDAP-based corporate network directory.

This spec assumes the following:

  • at least one LDAP server (e.g., FDS (Fedora Directory Server), OpenLDAP, or Active Directory) is correctly configured and running
  • a network fileserver is available (if data is to be migrated)
  • the user accounts are stored in the system DB files (/etc/passwd, /etc/shadow, /etc/group)
  • all the migratory data lives in the home directories specified in /etc/passwd for the user accounts
  • all the user accounts will be migrated (???)

This tool must be told the following:

  • where to migrate user accounts to (clientside tool) or from (serverside tool)
  • where to migrate user home directories to (clientside tool) or from (serverside tool)
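
As an added illustration (not code from this specification or from any Ubuntu tool), the client-side account step could read the system DB files listed above and emit LDIF for the target directory. Locked accounts keep no usable password, and system accounts stay local. Assumptions not stated in the spec: an RFC 2307 schema (posixAccount/shadowAccount) on a server that accepts {CRYPT} hashes, an ou=People container, the base DN dc=example,dc=com, and a human-account UID range of 1000-59999.

```python
import base64
import re

# Constructed sample data in /etc/passwd and /etc/shadow format (not real accounts).
PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice Example,,,:/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
"""
SHADOW = """root:!:19000:0:99999:7:::
alice:$6$constructedsalt$constructedhash:19000:0:99999:7:::
bob:!$6$constructedsalt$lockedhash:19000:0:99999:7:::
"""
UID_MIN, UID_MAX = 1000, 59999           # assumed range for human accounts
NAME_RE = re.compile(r"[a-z_][a-z0-9_-]*")  # names safe to place in a DN unescaped

def fields(text):
    """Split a colon-delimited system DB file into per-line field lists."""
    return [ln.split(":") for ln in text.splitlines() if ln and not ln.startswith("#")]

def attr(name, value):
    """One LDIF attribute line; base64-encode values that are not LDIF-safe."""
    safe = (value.isascii() and value.isprintable()
            and value[:1] not in (" ", ":", "<") and not value.endswith(" "))
    return f"{name}: {value}" if safe else f"{name}:: {base64.b64encode(value.encode()).decode()}"

def migrate(passwd_text, shadow_text, base_dn):
    """Return {username: LDIF entry} for human accounts only."""
    hashes = {f[0]: f[1] for f in fields(shadow_text)}
    entries = {}
    for name, _pw, uid, gid, gecos, home, shell in fields(passwd_text):
        if not UID_MIN <= int(uid) <= UID_MAX or not NAME_RE.fullmatch(name):
            continue                     # system account or unsafe name: leave local
        lines = [f"dn: uid={name},ou=People,{base_dn}",
                 "objectClass: account", "objectClass: posixAccount",
                 "objectClass: shadowAccount",
                 attr("uid", name), attr("cn", gecos.split(",")[0] or name),
                 attr("uidNumber", uid), attr("gidNumber", gid),
                 attr("homeDirectory", home), attr("loginShell", shell)]
        pw = hashes.get(name, "*")
        if pw and pw[0] not in "!*":     # locked or passwordless accounts stay unusable
            lines.append(attr("userPassword", "{CRYPT}" + pw))
        entries[name] = "\n".join(lines) + "\n"
    return entries

if __name__ == "__main__":
    for ldif in migrate(PASSWD, SHADOW, "dc=example,dc=com").values():
        print(ldif)
```

The generated LDIF contains password hashes, so it needs the same file permissions as /etc/shadow and an encrypted connection when it is loaded into the directory.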

Design

  • This tool can work either on a Linux server, to pull data from the new LDAP clients, or it can run on the clients and push data to the LDAP/file server(s). Both alternatives should be discussed.
    • A server-side tool will rule out AD unless the tool runs on Windows(TM).

Implementation

Code

Data preservation and migration

Unresolved issues

BoF agenda and discussion



StandaloneToLDAPClientMigration (last edited 2008-08-06 16:15:49 by localhost)