How Do I Migrate Crowd Internal Directory Users to a Delegated LDAP Directory?
This page contains information about an action that is not supported. It is provided as is, for use at your own risk.
Normally, attempts to use the Directory Importer to import Crowd Internal Directory users into a Delegated LDAP directory would be greeted with this error: "User Encryption Algorithms must match between directories". The following steps will help you migrate these internal users into a Delegated LDAP Directory.
Identify the directory ID of the Crowd Internal Directory, and the target LDAP Delegated Authentication Directory from this query (run against the Crowd database):
SELECT * FROM cwd_directory;
Backup the Crowd database
Use the directory IDs in the following queries. Note that this will remove all users, groups and memberships from the source directory [Crowd Internal] and put them in the destination directory [Delegated LDAP]. Be sure to replace <destinationid> with the Delegated LDAP Directory's ID, and <sourceid> with the Crowd Internal Directory's ID:
UPDATE cwd_user SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_group SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_membership SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_group_attribute SET directory_id = <destinationid> WHERE directory_id = <sourceid>; UPDATE cwd_user_attribute SET directory_id = <destinationid> WHERE directory_id = <sourceid>;
To prevent the loss of users in the original Crowd Internal Directory, you can first create another Internal Directory, and import users, groups and memberships to that new directory. Then use the new Internal Directory's ID in the queries above.