Migrating an Open Directory Archive from 10.6.8 to 10.8.5 on new hardware.

Hi all,
We have an old 10.6.8 server running OD and WGM. Lots of users, groups, settings and so on. We want to migrate the entire directory to a new 10.8.5 server and continue to run with WGM for now. Does anyone have a successful method for this? Note that the old server must retain its current IP. We're thinking something along the lines of:
1) Make OD archive on current 10.6.8 server.
2) Shut down server temporarily.
3) Set IP of new 10.8.5 server to match 10.6.8 server and import OD archive.
4) Change IP of new server accordingly and run changeip script.
5) Turn 10.6.8 server back on.
6) Gradually migrate clients to new server.
7) Gradually migrate to Profile Manager.
Has anyone else managed this without too many problems? If there were problems, what were they and how did you resolve them?
Thanks,

What we've actually found since posting this is a whole load of other problems and bugs (some have been officially acknowledged now) with server 10.7/10.8/10.9. I think the changeip script is now defunct too. The migration itself actually worked ok a couple of times for us but we've now got 10.8 and 10.9 servers with directory issues all over the place regardless - even ones that were built from scratch and not migrated...

Similar Messages

  • Migrate all Open Sales Orders From Legacy System (SAP) To SAP System using

    Hi Experts,
    I've to Migrate all Open Sales Orders From Legacy System (SAP) To SAP System using Business Objects with a new SALES ORDER DOCUMENT NUMBER referencing the older one.
    I'll get all the required data with field in an excel file.
    Does any standard transaction exist for it? Or how to go ahead with it?
    Thanks and regards,
    Jyoti Shankar

    Hi
    If you are checking for CREATE option then Sales Doc Type
    For more info go to SWO1 transaction -> BUS2032 --> Display --> Execute --> There SELECT the method which you want to perform... There you can find the MANDATORY parameters also....
    Or in DISPLAY mode PLACE Cursor on the Required Method and Click the PARAMETERS button on toolbar...
    That will show the MANDATORY parameters...
    Reward if helpful....
    Message was edited by:
            Enter the Dragon

  • Open Directory access from outside of network / internet

    Hello all,
    Got a question I'd love to get some help on, I have some users who are outside of my network and I'd like them to connect into the open directory on our leopard server so they can use the Shared iCal calendars, addresses, etc.
    So my questions are A) Is it possible to connect in from outside the network and get access to the directory without having to have a separate user account and use our VPN every time you want to connect? - if not is this the only way to do it (would you have to connect via the Mac VPN and then connect to the directory?)
    B) is it possible to do this "seamlessly" so that you don't have to change any settings, login details each time you switch between your local user from outside the network and your directory access. (so basically if you are in iCal if you have internet access it will connect you to the directory, without you doing anything extra?)
    Hope that makes sense, I can't seem to find the answers I need in the manuals, if I knew how this was meant to work I could probably have a fair go at figuring out how to actually do it (firewall changes etc)
    Thanks in advance for the help
    Martin

    So my questions are A) Is it possible to connect in from outside the network and get access to the directory without having to have a separate user account and use our VPN every time you want to connect? - if not is this the only way to do it (would you have to connect via the Mac VPN and then connect to the directory?)
    If your OD server is visible from the internet -- i.e., it has a public address -- then you can do this without the VPN. However, it's not advisable to have a server exposed in that fashion.
    You would be better off doing this through the VPN:
    - Remote user connects to internet at hotel, for example.
    - Remote user initiates VPN connection.
    - Remote user now has access to iCal server and directory information.
    Explain to the users that this information is private to the company, and private company resources are only available through the VPN. Allowing access without the VPN would be similar to the company posting its Employee roster and meeting calendars on the face of the building where any person (or competitor) could see them.
    B) is it possible to do this "seamlessly" so that you don't have to change any settings, login details each time you switch between your local user from outside the network and your directory access. (so basically if you are in iCal if you have internet access it will connect you to the directory, without you doing anything extra?)
    It's just one extra step: Connect to VPN. You're still the same local user on the computer.
    If you're talking about laptop users needing directory access to authenticate when logging into their computers, well...That sounds like a whole other situation.
    Hopefully this helps.
    Bryan Vines

  • HT3801 How do I remove Open directory services from primary MDC?

    I configured my xSAN mdc as an open directory master but I don't need to manage users from the MDC. How do I turn off Open directory on my master mdc and replicas?
    Thanks,
    Tom

    Hi
    Launch Server Admin on your Replica. Select the server's name in the sidebar on the left. Select the Open Directory Service. Click on Settings and change the Role to Standalone.
    Treat any other Replica you may have the same way.
    Launch Server Admin on your Master. Select the server's name in the sidebar on the left. Select the Open Directory Service. Click on Settings and change the Role to Standalone.
    Once you've demoted your OD Master to Standalone you will delete everything to do with the LDAP Database - users, groups, passwords etc but not home folders. If you have local users these won't be affected.
    If for some reason you may want to revert back to users etc that were stored in the LDAP Database then back them up first using the usual methods available on the platform.
    HTH?
    Tony

  • Open directory restore from archive

    I am using Snow Leopard Server.
    I had to re-install server, before I did that I made an archive of my directory.  After install I restored my directory.....everything good in workgroup manager, but when I go into Server Admin and open users or groups it just hangs "looking for users/groups",  also it doesn't allow me to add user/groups either.  The same thing happens, it just hangs.  Any ideas?
    Thanks!

    I meant to say Server Preferences, not Server Admin...sorry!

  • Populating Users With Open Directory Archive

    I have a new 10.8.2 Lion server that I would like to bring all the 10.7.5 users over to. What is the best way to do this? It seems that the 10.7.5 archive is not compatible with 10.8.2. Any ideas would be great. I can't upgrade the 10.7.5 system because it's an old system.

    Didn't find a way to edit my post above.
    UPDATE:
    Trying to log in with Thunderbird showed differently in the IMAP log. It's user disabled instead.
    imap-login: Info: Disconnected (user disabled): user=<username>, method=CRAM-MD5, rip=192.168.8.101, lip=192.168.8.99, TLS
    How do I 'enable' this user?

  • How to migrate Open Directory from 10.6 to another server with 10.8?

    Hello all,
    I have a Mac Pro running Mac OS X Server 10.6.8 with Open Directory active. Now I bought a new Mac Pro running MAC OS 10.8 and I also bought the OS X Server app.
    What I want to know is how can I migrate the users and their home folders from the old server with Snow Leopard to the new one? Does the Open Directory Archive do this job?
    Regards,
    Carlos.

    Ok. I did a test and I saw that it exports only the account information. So I suppose that I have to copy the home folder using scp or something similar. Is that correct?
    I also have to keep the same hostname from the old server in the new server or this can be done in a different way?
    Thanks.

  • 10.7.2: still can't replicate 10.6 Open Directory or restore from backup

    I am trying to migrate my Open Directory (OD) database from an Xserve running 10.6.8 to an iMac running 10.7.2 now. As before the update to 10.7.2, I am unable to make the Lion server an OD replica of the OD database running on Snow Leopard.
    This is what I do (please let me know, if anything I do is wrong):
    On the Snow Leopard Server (SLS) in the Server Admin utility, I go to the Open Directory service, the "Archive" subsection, choose a target directory for "Archive In", and click on the Archive button. I am then asked to name my archived database and provide a password. Let's say, it is "OD Archive," the file generated will be "OD Archive.sparseimage".
    I copy this Sparseimage to the desktop of my Leopard Server (LS).
    I then open the same place in the Server Admin utility on the LS. In the "Restore from" section I browse to the LS desktop and "Choose" the saved Sparseimage. I click on "Restore," at which point I am asked for the password of the archived OD database. When I supply it, it appears that my OD archive is being imported.
    However, going into the Workgroup Manager on the LS, and logging in as diradmin, into /LDAPv3/127.0.0.1, shows no users from my SLS having been migrated. Why has this still not been fixed?
    Likewise, when I try to make the LS an Open Directory replica of the SLS, I am again, even after this update, informed that my OD database admin credentials are incorrect, when they are not. I had surely expected a fix for this by the time we reached 10.7.2.

    Historically you have not been able to mix versions between an Open Directory Master and Replica, that is both would either have to be Snow Leopard, or both would have to be Lion.
    I have not tried upgrading to Lion this way (I am currently leaving my servers on Snow Leopard) but I can suggest the following based on experiences with Snow Leopard Servers.
    1) As you already appear to have done, in Snow Leopard Server make an Archive of your Open Directory setup.
    2) Make sure you also have a backup of the entire Snow Leopard Server so you can go back to it if you can't successfully move to Lion.
    3) Set up the hostname, IP address and DNS records (which might mean setting up a DNS server) for the new Lion Server.
    4) Check this using the command line:
       sudo changeip -checkhostname
    5) Make the new Lion Server into a new empty Open Directory Master.
    6) Test this new Open Directory Master by creating a test user and then deleting it afterwards.
    7) Now move on to the restoring of the Open Directory Archive. When I did this last time, I found that I was given two choices: either to completely replace the Open Directory with the one from the Archive, or to merge the two together. I found that trying to replace failed and resulted in an empty Open Directory like you report; I found that choosing merge did work successfully.
    If the above still does not work, then you might have to consider the following alternative approach.
    1) On the Snow Leopard Server in Workgroup Manager export all the user accounts except the Admin and DirAdmin accounts.
    2) Optionally export all the Groups.
    3) Optionally export all the Computer Groups.
    4) Set up the new Lion Server.
    5) Create a new empty Open Directory.
    6) Import the files exported from Workgroup Manager.
    This will not keep the original passwords. You will have to set a password for each account.
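
The reply above has the new server's hostname, IP address and DNS records set up and checked before it is made an Open Directory master. As an added example that is not part of the original thread, this script confirms that the forward and reverse records agree; it assumes `dig` is installed, and the script name, function names and the sample hostname and address are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): forward/reverse DNS pre-flight for a
# server that is about to be made an Open Directory master.

# Forward lookup: print the A records for a hostname, one per line.
resolve_forward() {
    dig +short A "$1"
}

# Reverse lookup: print the PTR names for an address, one per line.
resolve_reverse() {
    dig +short -x "$1"
}

# Lower-case a name and drop the trailing dot dig prints on PTR answers.
normalize_name() {
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' | sed 's/\.$//'
}

# check_od_dns HOSTNAME IP
# Return codes: 0 forward and reverse agree, 1 hostname does not resolve to
# IP, 2 IP does not resolve back to HOSTNAME, 3 a lookup returned nothing.
check_od_dns() {
    want_host=$(normalize_name "$1")
    want_ip=$2
    fwd=$(resolve_forward "$want_host")
    rev=$(resolve_reverse "$want_ip")

    if [ -z "$fwd" ] || [ -z "$rev" ]; then
        echo "FAIL: no A record for $want_host or no PTR for $want_ip" >&2
        return 3
    fi

    # dig may list a CNAME target before the addresses, so match whole lines.
    if ! printf '%s\n' "$fwd" | grep -qxF -e "$want_ip"; then
        echo "FAIL: $want_host resolves to: $fwd (expected $want_ip)" >&2
        return 1
    fi

    # Any one PTR naming the host is enough; compare case-insensitively.
    for ptr in $rev; do
        if [ "$(normalize_name "$ptr")" = "$want_host" ]; then
            echo "OK: $want_host <-> $want_ip"
            return 0
        fi
    done
    echo "FAIL: $want_ip resolves back to: $rev (expected $want_host)" >&2
    return 2
}

# Run only when called as: sh od_dns_preflight.sh server.example.com 192.0.2.10
if [ "$#" -eq 2 ]; then
    check_od_dns "$1" "$2"
fi
```

A non-zero exit means the records should be fixed before the archive is restored; the script does not replace `changeip -checkhostname`, which also compares the result with the machine's own configured name.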

  • Migrating Open Sales Order From Legacy System (SAP) To SAP System

    Hi Experts,
    I've to Migrate all Open Sales Orders From Legacy System (SAP) To SAP System using Business Objects with a new SALES ORDER DOCUMENT NUMBER referencing the older one.
    I'll get all the required data with field in an excel file.
    Does any standard transaction exist for it? Or how to go ahead with it?
    Thanks and regards,
    Jyoti Shankar

    hi jyothi ,
       there are lot of ways of doing it depending on data upload volume it will be decided .
    1) thru abap bdc program which directly uses XL sheet data and creates SO using bapi/FMs.
    2) using scat.functional consultant should be good enough to use this.
    3)lsmw-laborious procedure but achievable.
      reward if helps !!!!!

  • Converting from Standalone to Open Directory Master

    I want to change my server to an Open Directory Master from a standalone server so that mail clients can use Kerberos to send and receive email. I want to do this just to increase security measures on my network. I have been successfully running the server for 3 years or so but am not very knowledgeable about Open directories.
    My question is this.
    1. Is there any documentation on making the change to Open Directory Master with the sole purpose of being able to Authenticate using Kerberos for mail clients. Step by step would be great.

    Take a look at www.afp548.com for some good tutorials on the subject.
    The admin guide should have step by step instructions as well.
    One thing, you will need to move your users from the local "domain" to the OD "domain" in order for them to use kerberos. e.g. all your current user records have a dir node path of "/Users", and you will need to move them to "LDAPv3/127.0.0.1/Users".
    Hope this gets you started
    - Leland

  • Lion: All Open Directory users obliterated

    After a rough migration from SLS, I've been running Lion Server successfully for a couple of weeks now.  However, this morning I saw that the file sharing services were down.  When I brought the server up on the monitor, the Finder was frozen solid.  I had to do a hard restart, and once it came up, all the Open Directory users are gone.  Only local users remain.  When I attempt to open the LDAP directory in Workgroup Manager it throws up a -14006 error.
    I'm going to attempt to rebuild the machine from a backup last night, but I'm wondering if anyone has any (quicker) advice.
    I'm tempted to just try and copy /var/db/openldap from the backup image over to the server, but I'm afraid it'll simply explode.  Is there a better alternative?  I don't have a current backup archive of *just* the open directory stuff...

    Restoring from a backup image "fixed" it of course, but I'm still curious how to restore the open directory database from a mirrored partition (i.e. without the use of an explicit restore from an open directory backup)

  • Upgraded and Now Open Directory Hosed

    I upgraded my Mac Mini running Server to Mavericks and then Server 3, however in the new server app my Open Directory service is marked as Off, when I turn it On I get asked if I want to create a new OD master, join a domain as a replica or restore the domain from an archive. So from what I can see the upgrade has lost my OD data :-( I have an archive of the OD master I took before I started the upgrade, but when I restore it it doesn't seem to 'take' and I am left in the same situation.
    If I try to create a new OD domain, I get to set the diradmin password etc I get an error "An unknown error occurred while verifying directory administrator settings"
    So I'm stuck and am going to have to roll back to the pre-upgrade backup of the server but I really need to know how to either (1) keep my OD data during the upgrade, (2) be able to restore from an archive or (3) rebuild the OD domain from scratch - any one of those would let me get things up and running.
    Any suggestions?

    FWIW and if you haven't already found this, see the Mavericks OS X Server: Steps to take before upgrading or migrating the Open Directory database  (HT5300).  This OD upgrade article is a little hard to find, but was referenced from this OS X Server upgrade article (HT5996).  Then some potential post-upgrade steps for Software Update Server.

  • 10.6.8 to Mavericks Server Upgrade loses Open Directory Users

    Hi,
    I have an OpenDirectory Master running OSX Server 10.6.8. An upgrade to Mavericks 10.9 has just failed.
    The server has about 50 OD users and passwords need to be retained across the upgrade. Apart from OD, the only other active service is AFP file sharing.
    DNS is good forward and back as per this article: OS X Server: Steps to take before upgrading or migrating the Open Directory database
    I followed these Apple guidelines for server migration: OS X Server: Upgrade and migration from Lion Server or Snow Leopard Server.
    I cloned the boot drive, booted from the clone, upgraded to Mavericks, then installed the Mavericks Server app.
    On opening the Mavericks Server app "Configuring services' showed for 5 minutes, but then an error message appeared. I did not record it exactly, but it was something like, "There was an error configuring the server. Certificate not valid!".
    I was able to continue through the error but on opening Server app there were no OD (local/network) users showing. Authentication was not happening.
    I had underestimated the time to get the installation done and I had used up the window of downtime I had booked - I did not have much time to troubleshoot. So, I cut back to the original hard drive and the server is back to 10.6.8 again.
    Can anyone point me in the right direction to find out what may have gone wrong? How can I get my users into 10.9 Server?
    Many thanks,
    b.

    Linc Davis's advice is spot-on, as usual.
    There seem to be dozens of sub-databases in the LDAP database. A problem in any of them seems to derail the entire conversion process. I tried a straight conversion and was also disappointed that there were unresolved issues, and it meant that the conversion failed.
    So I did the export route using WorkGroup Manager, and exported four sets:
    Users
    Groups
    Computers
    Computer groups
    go to the appropriate pane (e.g., Users) and Select All, then choose Export, and give it a name (probably with an embedded date in case you need to do it again later)
    Then use 10.9 WorkGroup Manager (available as a separate download) to Import.
    When re-imported, everything worked just fine (except the passwords, which cannot be carried forward using this method). I did have to manually enable at least one service, such as File Sharing service in Server [admin], or users showed up as "not allowed" [to log in].
    This entire process of getting Server 3 to work is fraught with peril, and everything converges on ONE diagnostic, "Network users can't log in". Which means you blew it, but provides no additional information about WHERE you blew it.
    There do not appear to be any magic bullets. It is just a tough slog. Users who reported success after failing the first time reported they returned to fundamental principles and did all the steps over, in order, to attain success.

  • Do I need to configure Open Directory before I configure mail?

    I am doing a slow step-by-step configuration of a new 10.6.2 box and I am marginally skilled. Before I migrate a handful of accounts from the old server to the new, I want to make sure mail services work on the new server. Later I would like to try experimenting with Open Directory. Since I will be creating local user accounts on the server to configure mail, will these migrate to Open Directory later or will I need to reconfigure the accounts? If the latter is true, it suggests I should install Open Directory first.
    (I apologize if this belongs in another discussion group.)
    Paul

    I have discovered that the answer is that I do not have to configure Open Directory first. Found this on the OD discussion area:
    http://discussions.apple.com/thread.jspa?threadID=2243066&tstart=0
    Paul

  • How to promote my OSX10.6.8 replica server to Open Directory server

    My Open Directory Server crashed and I would like to promote my replica Server to Open Directory. Can you tell me how to do this?

    Hello Dave,
    Check out the steps quoted below to promote your replica to the Open Directory master.
    Provide Open Directory service
    https://help.apple.com/advancedserveradmin/mac/3.1/#apdD1F7D8CA-CF07-40CE-B2D4-8E3ACF4BCA40
    Promote a replica to Open Directory master
    If an Open Directory master fails and you can’t recover it from a backup, you can promote a replica to be a master. The new master (promoted replica) uses the directory and authentication databases of the replica.
    Select Open Directory in the sidebar.
    Click Servers.
    Select a replica to promote, then choose Promote Replica to Master from the Action pop-up menu (looks like a gear).
    Enter the directory administrator name and password.
    If you archived Open Directory data with certificate authority keys, you can restore them by entering the Open Directory archive location or clicking choose to locate the archive.
    Click Next.
    Enter the user name and password for the replica that’s being promoted, then click Connect.
    Regards,
    -Norm G.
