dagerk Absent Member.
Absent Member.
1333 views

Migrate from eDir to AD directory

Hello,
We have a customer who is currently using Vibe with an eDirectory directory. They are using IDM to sync the users to an Active Directory - they are moving toward AD as a directory standard. They would like to move Vibe from eDirectory to the Active Directory, but when they do a basic reconfigure everyone loses access to the existing content and they have to go through and re-grant access. They were told it was because users have a different GUID in eDirectory and Active Directory.
1. Is there a proper migration process published somewhere to move from eDir to AD while retaining access in Vibe?
2. The GUID is not something that can be sync'ed between the two directories. Is Vibe really using GUID to identify the user in the directory?
3. Is there a way to configure Vibe to identify users with a different attribute such as workforceID, CN, or mail?

Thanks,
Jim

0 Likes
1 Reply
Knowledge Partner
Knowledge Partner

Re: Migrate from eDir to AD directory

dagerk;2490002 wrote:
Hello,
We have a customer who is currently using Vibe with an eDirectory directory. They are using IDM to sync the users to an Active Directory - they are moving toward AD as a directory standard. They would like to move Vibe from eDirectory to the Active Directory, but when they do a basic reconfigure everyone loses access to the existing content and they have to go through and re-grant access. They were told it was because users have a different GUID in eDirectory and Active Directory.
1. Is there a proper migration process published somewhere to move from eDir to AD while retaining access in Vibe?
2. The GUID is not something that can be sync'ed between the two directories. Is Vibe really using GUID to identify the user in the directory?
3. Is there a way to configure Vibe to identify users with a different attribute such as workforceID, CN, or mail?

Thanks,
Jim


The documentation says:

GUID attribute: Depending on the directory type that you chose, this field is populated with the name of the LDAP attribute that uniquely identifies a user or group. For eDirectory, this value is GUID. For Active Directory, this value is objectGUID. For GroupWise, this value is entryUUID. This attribute always has a unique value that does not change when you rename or move a user in the LDAP directory. It ensures that Vibe modifies the existing user instead of creating a new user when the user is renamed or moved in the LDAP directory.

If this attribute is not set and you rename or move a user in the LDAP directory, Vibe assumes that the new name (or the new location of the same name) represents a new user, not a modified user, and creates a new Vibe user.

For example, suppose you have a Vibe user named William Jones. If William changes his name to Bill, and you make that change in the LDAP directory, Vibe creates a new user named Bill Jones.

If you want to map users to a different attribute, select Other in the drop-down list, specify the name of the LDAP attribute, then click OK. Before you do this, ensure that the attribute that you use is a binary attribute. For example, the cn attribute cannot be used because it is not a binary attribute.


https://www.novell.com/documentation/vibe4/vibe4_admin/data/ldap.html

I have not seen official documentation on how to migrate ldap source, have you tried asking Microfocus support?

I did find this however: https://forums.novell.com/showthread.php/462804-Migrate-LDAP-to-AD-from-eDir?p=2239987#post2239987

Thomas
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.