Migrating local accounts to LDAP


I am trying to move all users' authentication from local accounts to LDAP. I have successfully configured connections with group assignment and expert configuration for internal username to use uid as attribute. So every time a new user added to LDAP logs in, their account is working correctly.

However, when already existing (local) users try to log in with their LDAP credentials (same UID, LDAP password), a new account gets created for them without their files and permissions assigned to it.

Is there any way to migrate all of the data from old users that were created locally so that they can now only authenticate with LDAP?


The problem is still live; any little guidance would be appreciated.

If the account id is different, you can try to use the occ files:transfer-ownership command to move the files from one account to another.
Taking into account they have access to 2 different accounts, they can also share a folder with all they want to move from the old account to the new, and get those files in the new account from the share to a local folder. This can be done by themselves, so you could give them some time before removing the old accounts.

If the account ids are the same, it’s a big problem. This mustn’t happen. In this case, I’d suggest to temporarily disable the LDAP app and transfer the files from the old account to a different one so the new account won’t overlap with any of the LDAP accounts. Once this is done, you can remove the old accounts and re-enable the LDAP app, and finally transfer again the files from the new local accounts to the LDAP ones.

Another option is to set up a fresh installation with only the LDAP accounts and let the users move the files from one server to another before shutting down the old server.

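The same-id procedure from the answer above, as an added example that is not part of the original post or the project's own tooling: it only prints the occ commands so they can be reviewed before anything is run. The `OCC` invocation, the `migr_` prefix, the `user_ldap` app id and the sample uids are assumptions.

```shell
#!/bin/sh
# Added example: prints the occ command plan for the same-uid case; runs nothing.
# Assumptions: OCC is how occ is invoked on your host, TMP_PREFIX yields ids
# that no LDAP uid uses, and the LDAP app id is user_ldap.
OCC="${OCC:-sudo -u www-data php occ}"
TMP_PREFIX="${TMP_PREFIX:-migr_}"

# Accept only plain uids so a crafted name cannot inject into the printed commands.
valid_uid() {
    case "$1" in
        ''|*[!A-Za-z0-9._@-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Reject the whole list before printing anything, so no partial plan is emitted.
check_uids() {
    for uid in "$@"; do
        valid_uid "$uid" || { echo "invalid uid: $uid" >&2; return 1; }
    done
}

# Phase 1: with LDAP off, park each local user's files under a temporary
# local account, delete the colliding local account, then turn LDAP back on.
plan_phase1() {
    check_uids "$@" || return 1
    echo "$OCC app:disable user_ldap"
    for uid in "$@"; do
        echo "$OCC user:add ${TMP_PREFIX}${uid}"   # occ prompts for a password
        echo "$OCC files:transfer-ownership ${uid} ${TMP_PREFIX}${uid}"
        echo "$OCC user:delete ${uid}"
    done
    echo "$OCC app:enable user_ldap"
}

# Phase 2: once the uid resolves to the LDAP account, move the files back.
plan_phase2() {
    check_uids "$@" || return 1
    for uid in "$@"; do
        echo "$OCC files:transfer-ownership ${TMP_PREFIX}${uid} ${uid}"
    done
}

# Constructed sample uids; uncomment to print the plan for review.
# plan_phase1 alice bob
# plan_phase2 alice bob
```

Run phase 2 only after each uid resolves to its LDAP account; some versions also require the destination user to have logged in once before files can be transferred to it.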

Thank you very much for your answer. It will surely be a lot of work, but you helped me a lot.