In these sections, the NetWare server is referred to as the source server and the OES 2015 SP1 server as the target server.
Make sure your source server and target server meet the following requirements:
NetWare 6.5 SP8
OES server with AFP. For instructions see, instructions in Installing and Setting Up AFP
in the OES 2015 SP1: Novell AFP for Linux Administration Guide.
The NSS data should be already migrated. For details see, Section 17.0, Migrating File Systems to OES 2015 SP1
AFP supports the following migration scenarios:
Migrating Servers through Server Consolidation
Migrating Servers through Transfer ID
For more information about these scenarios, see Migration Scenarios.
NOTE:AFP does not support migration across different eDirectory trees. However, it can be achieved by using the Different Tree scenario to migrate the file system, then reconfiguring AFP on the target server:
For details, see Migrating Data to a Server in a Different Tree and Installing and Setting Up AFP
in the OES 2015 SP1: Novell AFP for Linux Administration Guide
Migrating the AFP configuration is done by using the Migration Tool or through the command line interface.
NOTE:Before migration, manually edit afptcpd.conf file and set the number of threads within the valid range. For more information, see Modifying Thread Range.
Beginning with OES 2015, the valid thread range is changed to as follows:
Minimum threads: 3 to 32, default value: 3
Maximum threads: 4 to 512, default value: 32
Before migration, manually edit afptcpd.conf file and set the number of threads within the valid range and proceed with the migration procedure. If it is not changed and the minimum or maximum threads is out of the range, then AFP server will use default number of threads.
Click Computer > More Applications > System > Novell Migration Tools to access the Migration Tool Utility.
Authenticate to the source and target servers.
Select Novell AFP, then click Configure. The AFP configuration window is displayed.
Click Migrate to begin the migration process.
To run the AFP migration utility through the command line, run migafp with the following parameters:
Table 19-1 migafp Command Line Parameters
|
Parameter |
Description |
|---|---|
|
-h |
Prints a summary of the migration process |
|
-s |
IP address of the source server |
|
-u |
DN of the source tree admin. For example : cn=user, o=company) |
|
-w |
Admin password to authenticate to the source server |
For example:
migafp -s 10.10.10.1 -u cn=sourceadmin.o=novell -w password
Ensure that all the context details from sys:/etc/ctxs.cfg (NetWare context file) are migrated to /etc/opt/novell/afptcpd/afpdircxt.conf (OES 2015 or later server context file).
Verify by running the command rcnovell-afptcpd start.
AFP on Linux uses Universal Password as the authentication mechanism instead of the Simple Password authentication mechanism on NetWare. During migration from NetWare to Linux, the simple passwords on the NetWare system are synchronized to the Universal Password, so that the user can authenticate seamlessly to the AFP service on the Linux server.
This feature is restricted based on the following conditions:
To synchronize the password of a first-time login user, authentication must happen using Diffie Hellman Exchange-2, Diffie Hellman Exchange, or Clear-text authentication method. To set the type of authentication, ensure that the authentication method (AUTH_UAM) option in /etc/opt/novell/afptcpd/afptcpd.conf file is set to DHX2, DHX, cleartext.
The automatic password synchronization will not occur if the user authenticates by using the Random Exchange or Two-way Random Exchange method of authentication.
If you use the Diffie Hellman Exchange-2, Diffie Hellman Exchange, or Clear-text authentication method, the eDirectory service (ndsd) must be started with the environment variable NDSD_TRY_NDSLOGIN_FIRST set to TRUE.
If the above conditions are not met, all the users with Simple Passwords are required to manually authenticate to the AFP server on NetWare after they are enabled for Universal Password, in order to trigger the password synchronization to Universal Password.