Question:
Can I copy a user password from OpenLDAP to UCS-LDAP?
Answer
Yes this is possible.
Step 1
Create a ldif file with the password hash on your source OpenLDAP server:
Erstellen eines ldif-Files, das den Passwort-Hash von testuser2 durch den Passwort-Hash von testuser1 ersetzen soll:
#testuser.ldif
dn: uid=testuser,cn=users,dc=intranet,dc=example,dc=org
changetype: modify
replace: userPassword
userPassword: {crypt}$6$65JTqZlPijyrL/y8$4lwxEw6BbJ5EOfFg1HubE88b6AtfJvUh16aWFzVY5JlFSmQzcDYmtG1jWT8bJLKpsYPau/WKB6.xMQ/RjGeHa1
Step 2
Import the ldif file to UCS LDAP:
root@ucs-dst:~# ldapmodify -D cn=admin,$(ucr get ldap/base) -y /etc/ldap.secret -f testuser.ldif
modifying entry "uid=testuser,cn=users,dc=intranet,dc=example,dc=org"
Step 3
Verify password is set as desired:
root@ucs-dst:~# univention-ldapsearch -LLLo ldif-wrap=no uid=testuser userPassword | ldapsearch-decode64
dn: uid=testuser,cn=users,dc=intranet,dc=example,dc=org
userPassword: {crypt}$6$65JTqZlPijyrL/y8$4lwxEw6BbJ5EOfFg1HubE88b6AtfJvUh16aWFzVY5JlFSmQzcDYmtG1jWT8bJLKpsYPau/WKB6.xMQ/RjGeHa1
It should report the crypted password as written into the ldif-file.