1

Topic: Migration many servers

Hello i will migrate so many servers:

7 with cyrus
4 with encrypt (MySQL)
6 with shadow md5

I dont need the mailboxes with the emails, i only need the users with their password not more not less.

Can somebody help me with some scripts for the migration.

Many thanks, mcaffee.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Migration many servers

It's hard to write a script to migrate all accounts, because every deployment are different, except iRedMail.

- Not sure cyrus can be migrated.
- Which encrypt mech do you use in MySQL? MD5?
- Shadow MD5? do you mean /etc/passwd? It's OK to migrate to LDAP, but not sure to MYSQL.

3

Re: Migration many servers

ZhangHuangbin wrote:

It's hard to write a script to migrate all accounts, because every deployment are different, except iRedMail.

- Not sure cyrus can be migrated.

OK, but we can try it...

- Which encrypt mech do you use in MySQL? MD5?

MySQL encrypt and MySQL md5

- Shadow MD5? do you mean /etc/passwd? It's OK to migrate to LDAP, but not sure to MYSQL.

Shadow MD5 like "$1$mtxL9Xwv$jGBIg9yoSoEpC.bJbWCU30"

Thanks

4

Re: Migration many servers

Could you please give me a sample MD5 encrypted string and its plain password? so that i can test it.

5

Re: Migration many servers

ZhangHuangbin wrote:

Could you please give me a sample MD5 encrypted string and its plain password? so that i can test it.

Please use this: "$1$ka5OssZi$/1v." == "compact53"

I hope this helps and please do not forgot MySQL encrypt and MySQL md5.

Thanks.

6

Re: Migration many servers

mcaffee wrote:

Please use this: "$1$ka5OssZi$/1v." == "compact53"

This is not MD5 encrypted?

7

Re: Migration many servers

ZhangHuangbin wrote:
mcaffee wrote:

Please use this: "$1$ka5OssZi$/1v." == "compact53"

This is not MD5 encrypted?

Sorry:

MD5 5a105e8b9d40e1329780d62ea2265d8a == test1
CRYPT b/PKcZHhYXwLo == test1
SHA1/shadow $1$ka5OssZi$/1v. == compact53

Cyrus use sasldb2

Thanks.

8

Re: Migration many servers

CRYPT b/PKcZHhYXwLo == test1

Success in OpenLDAP. others failed.

May i know how did you generate these passwords?

9

Re: Migration many servers

ZhangHuangbin wrote:

CRYPT b/PKcZHhYXwLo == test1

Success in OpenLDAP. others failed.

May i know how did you generate these passwords?

No problem, we wil ony use OpenLDAP, but we musst migrate all other servers to this system and the next step is setup a cluster with fallback.

MySQL SET `password` =  ENCRYPT( 'test1' )

10

Re: Migration many servers

mcaffee wrote:

MySQL SET `password` =  ENCRYPT( 'test1' )

How do you generate other passwords? MD5, SHA1/shadow, you mentioned above.

11

Re: Migration many servers

ZhangHuangbin wrote:
mcaffee wrote:

MySQL SET `password` =  ENCRYPT( 'test1' )

How do you generate other passwords? MD5, SHA1/shadow, you mentioned above.

We have so many system, this would be systems from the old owner and every of the use his own.

We have 1800 customers with Encrypt, 200 with MD5, 300 with old shadow passwords copy from linux in a MySQL DB, 5000 with cyrus in sasldb2, 3600 in a IMail Ipswitch System, 2300 in a old Ensim, 7100 with linux shadow/password.

I have copy the passwords from the systems that run at the moment, but i have only from 2% of the users, the passwords in plaintext.

12

Re: Migration many servers

- Password in /etc/shadow can be migrated into LDAP.
- Password genereated via MYSQL encrypt() works in LDAP:

mysql> SELECT ENCRYPT('test');
+-----------------+
| ENCRYPT('test') |
+-----------------+
| ihcgGah8lhxqk   | 
+-----------------+

13

Re: Migration many servers

Thanks,

can you please post the specifications for the ldap import files.

Than i will setup a perl script for the import.

14

Re: Migration many servers

Why not just tell us how you store accounts with samples, so that we can work together to migrate them?

15

Re: Migration many servers

ZhangHuangbin wrote:

Why not just tell us how you store accounts with samples, so that we can work together to migrate them?

OK, than we setup migration scripts for all users.

I will start the next days step by step, i contact you.