To migrate Directory Server users to an AD LDS repository

Restriction: This topic applies only when the Enterprise Server feature is enabled.

Before you can do this, the target repository must be extended to support the Enterprise Server configuration objects. How you do this will vary slightly depending on the particular LDAP server that you are using. In all cases, you will create use the MFDS -L command to create an LDIF file containing the necessary extensions and then use the relevant import command for your LDAP server.

  1. Create an LDIF file file containing the user and group definitions by using the mfds -e command. For example, at the command line, enter:
    mfds -e "CN=Micro Focus,CN=Program Data,DC=local" "CN=Enterprise Server Users" 
    "CN=Enterprise Server Groups" "CN=Enterprise Server Resources" 1 mfds_users.ldf
    In this example:
    "CN=Micro Focus,CN=Program Data,DC=local" specifies the application partition to which all exported entries will be assigned
    "CN=Enterprise Server Users" specifies the container within the application partition to which the exported users will be assigned
    "CN=Enterprise Server Groups" specifies the container within the application partition to which the exported groups will be assigned
    "CN=Enterprise Server Resources" specifies the container within the application partition to which the exported resource definitions will be assigned

    This creates an LDIF file mfds_users.ldf.

  2. Use the LDIFDE command to import the generated LDF file into AD LDS. For example,
    ldifde -i -f fds_users.ldf -s localhost:389 -k -v -j
Important: You must have sufficient rights to modify the AD LDS container and the container must be writable.