This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Migrate from eDir to AD directory

Hello,
We have a customer who is currently using Vibe with an eDirectory directory. They are using IDM to sync the users to an Active Directory - they are moving toward AD as a directory standard. They would like to move Vibe from eDirectory to the Active Directory, but when they do a basic reconfigure everyone loses access to the existing content and they have to go through and re-grant access. They were told it was because users have a different GUID in eDirectory and Active Directory.
1. Is there a proper migration process published somewhere to move from eDir to AD while retaining access in Vibe?
2. The GUID is not something that can be sync'ed between the two directories. Is Vibe really using GUID to identify the user in the directory?
3. Is there a way to configure Vibe to identify users with a different attribute such as workforceID, CN, or mail?

Thanks,
Jim
  • 0
    dagerk;2490002 wrote:
    Hello,
    We have a customer who is currently using Vibe with an eDirectory directory. They are using IDM to sync the users to an Active Directory - they are moving toward AD as a directory standard. They would like to move Vibe from eDirectory to the Active Directory, but when they do a basic reconfigure everyone loses access to the existing content and they have to go through and re-grant access. They were told it was because users have a different GUID in eDirectory and Active Directory.
    1. Is there a proper migration process published somewhere to move from eDir to AD while retaining access in Vibe?
    2. The GUID is not something that can be sync'ed between the two directories. Is Vibe really using GUID to identify the user in the directory?
    3. Is there a way to configure Vibe to identify users with a different attribute such as workforceID, CN, or mail?

    Thanks,
    Jim


    The documentation says:

    GUID attribute: Depending on the directory type that you chose, this field is populated with the name of the LDAP attribute that uniquely identifies a user or group. For eDirectory, this value is GUID. For Active Directory, this value is objectGUID. For GroupWise, this value is entryUUID. This attribute always has a unique value that does not change when you rename or move a user in the LDAP directory. It ensures that Vibe modifies the existing user instead of creating a new user when the user is renamed or moved in the LDAP directory.

    If this attribute is not set and you rename or move a user in the LDAP directory, Vibe assumes that the new name (or the new location of the same name) represents a new user, not a modified user, and creates a new Vibe user.

    For example, suppose you have a Vibe user named William Jones. If William changes his name to Bill, and you make that change in the LDAP directory, Vibe creates a new user named Bill Jones.

    If you want to map users to a different attribute, select Other in the drop-down list, specify the name of the LDAP attribute, then click OK. Before you do this, ensure that the attribute that you use is a binary attribute. For example, the cn attribute cannot be used because it is not a binary attribute.


    https://www.novell.com/documentation/vibe4/vibe4_admin/data/ldap.html

    I have not seen official documentation on how to migrate ldap source, have you tried asking Microfocus support?

    I did find this however: https://forums.novell.com/showthread.php/462804-Migrate-LDAP-to-AD-from-eDir?p=2239987#post2239987

    Thomas