25.1 Migrating FTP from NetWare to OES 11 SP2

This section describes how to migrate FTP from NetWare or OES to OES 11 SP2.

25.1.1 Planning the Migration

Make sure your setup addresses the following requirements before you migrate FTP to the destination platform:

System Requirements

  • Pure-FTPd

Source Servers

  • NetWare 6.5 SP8

Target Server

  • OES 11 SP2

25.1.2 Migration Scenarios

The following scenarios are supported for FTP migration:

  • Consolidation on the Same Tree

  • Consolidation on a Different Tree

  • Transfer ID on the Same Tree

    For details on these three scenarios, see Section 1.3, Migration Scenarios.

Prerequisites

For all three scenarios, eDirectory should be running so that eDirectory users can log in.

What Is Migrated

When the migration is complete, the FTP parameters on NetWare are mapped to the corresponding parameters in Pure-FTPd on Linux. For details on mapped parameters, see Table 25-1.

25.1.3 Migrating FTP

Migration of the FTP configuration can be done from the Migration Tool or through the command line interface.

NOTE:Before you start the Pure-FTPd server, ensure that eDirectory is up and running on the target server. This is to ensure that all the eDirectory users can be used for Pure-FTPd access. For the Server ID Swap, all eDirectory objects are migrated as part of the DIB migration step. For more information about eDirectory migration, see Section 17.0, Migrating eDirectory to OES 11 SP2.

Using the Migration Tool

  1. Launch the Migration Tool in one of the following ways:

    Desktop: Click Computer > More Applications > System > Novell Migration Tools.

    Terminal: Log in as the root user and at a terminal prompt, enter miggui.

  2. Configure the source and target parameters.

    For details on configuring source and target server information, selecting a migration type, and the Open, Save Project, and all other tool buttons, see Section 2.0, Overview of the Migration GUI.

  3. Select Novell FTP from Services, then click Configure. The status now changes from Not Configured to Ready.

  4. When the status is Ready, click Start to start the migration process.

    The status changes from Migrating to Migrated.

    NOTE:Use the Status > Logs tab to check for errors during migration. Fix the errors and restart the migration procedure if necessary.

Using the Command Line

  1. Run the FTP migration utility from the command line with the required parameters:

    migftp -s <source_server>

    For example:

    migftp -s 192.168.1.54

    If the migration is successful, a message indicating success is displayed.

  2. Start the eDirectory server to allow eDirectory users to log in.

  3. Start the FTP server by using the rcpure-ftpd start command.

25.1.4 Post-Migration Procedure

  1. All the FTP services users must be LUM enabled.

  2. Map these parameters during the FTP migration from NetWare to Linux:

    Table 25-1 NetWare Linux FTP FTPd Mapping Parameters

    NetWare FTP Parameters

    Linux Pure FTPd Parameters

    SECURE_CONNECTIONS_ONLY

    TLS

    PASSIVE_PORT_MIN

    PassivePortRange

    PASSIVE_PORT_MAX

    PassivePortRange

    MAX_FTP_SESSIONS

    MaxClientsNumber

    HOST_IP_ADDR

    Bind

    FTP_PORT

    Bind

    FORCE_PASSIVE_ADDR

    ForcePassiveIP

    ANONYMOUS_ACCESS

    AnonymousOnly

    IDLE_SESSION_TIMEOUT

    MaxIdleTime

    DEFAULT_USER_HOME_SERVER

    DefaultHomeDirectoryServer

    DEFAULT_USER_HOME

    DefaultHomeDirectory

    IGNORE_REMOTE_HOME

    EnableRemoteHomeDirectory

Important:

  • If ANONYMOUS_ACCESS is commented irrespective of the value set to yes or no on the source server (NetWare), after migration the value set for AnonymousOnly on the target server (OES 11 SP2) is retained.

    For example, if #ANONYMOUS_ACCESS=yes or #ANONYMOUS_ACCESS=no is set on the source server and AnonymousOnly=yes or AnonymousOnly=no is set on the target server, the value set on the target server is retained after migration.

    If ANONYMOUS_ACCESS is uncommented irrespective of the value set to yes or no on the source server (NetWare), after migration the value set for AnonymousOnly on the target server (OES 11 SP2) is overwritten with the value set on the source server.

    For example, if ANONYMOUS_ACCESS=no is set on the source server and AnonymousOnly=yes is set on the target server, AnonymousOnly will be set to no after migration.

  • If you use the BIND parameter in the NetWare ftpserv.cfg file, after migrating to OES, your FTP login will be blocked. This happens because FTP still tries to bind to the source IP address and port that you have specified in the NetWare ftpserv.cfg file.

    To resolve this issue, change the IP address and port to that of an OES target server. This workaround is not required for a Transfer ID migration.

  • If Passive Port Range on NetWare is not set or is less than twice the number of maximum allowed clients, after migrating to Linux, set the PassivePortRange to twice the MaxClientsNumber.

    For example, if you set MaxClientsNumber as 10, then set the PassivePortRange as 30000 30020.

  • If SECURE_CONNECTIONS_ONLY is set in NetWare and an FTP migration certificate does not exist on Linux, a default FTP certificate (/etc/ssl/private/pure-ftpd.pem) is created, using either an eDirectory certificate (/etc/ssl/servercerts/eDircert.pem) of the target server or the server certificate (/etc/ssl/servercerts/servercert.pem). If neither of them exists, the migration creates a certificate with default parameters. The admin can replace this by creating a new certficate using the steps listed in Create Certificate Procedure.

  • The ForcePassiveIP field in NetWare when left blank or set as 0.0.0.0 indicates none specified. However, on Linux, it is interpreted as is and therefore can lead to the server binding to an invalid IP address, resulting in loss of functionality. The migration script is updated to ignore IP 0.0.0.0, and creates .bak file to preserve the original linux conf file for administrative reference.