Environment
NetIQ SecureLogin
NSL8
slMigrationHelper
slAP Tool
Management utility plugin
Workstation Backup/ Restore utilityNetIQ SecureLogin
Situation
slAP Tool vs slMigrationHelper vs Graphical Tools
Which utility should be used for copying/ moving SecureLogin data from one directory to another?
Resolution
SecureLogin includes several different options for copying, saving, backing up, and moving data from one directory to another. Which to use depends on the end objective. The chart below provides some detail.
slMigrationHelper | slAP Tool | Management utility plugin | Workstation Backup and Restore Utility | |
Description | Creates an XML file containing data for the logged in user, including stored user credentials. New with NSL8; only works with NSL8. | Creates an XML file containing data for the specified user or container. Slaptool.exe dated Nov 2, 2011 or later will capture stored user credentials, earlier versions will not. Works with any version of SecureLogin. | Distribution” tab in SecureLogin SSO plugin for iManager, SLManager, or MMC. Creates an XML file for all data stored on a selected container or user, except stored user credentials. | Creates password protected .esx file for all user data for the logged in user. Works with any version of SecureLogin. |
Intended use | Migrating user data from one directory to another, especially if the directories are of different types (e.g. eDirectory and Active Directory). | Backing up and restoring SecureLogin information within the same directory structure. Copying data from one data base to another. Bulk loading user info into a new directory to automate initial user login. | Moving
from test to production environments. Set up all applications as desired in test environment, export to XML file and import into the new directory. | Backing up and restoring data on a per user basis |
Works on | Current user. | Any specified user or container. | Any selected user or container. | Current user. |
Backs up | Applications, stored credentials, preference settings, password policies, passphrase questions and answers. | Applications, stored credentials, preference settings, password policies, passphrase questions and answers. | Applications, preference settings, password policies, passphrase questions. | Applications, stored credentials, preference settings, password policies, passphrase question and answer. |
Run from | Command line, login script, SecureLogin startup script. | Command line. | iManager, SLManager, or MMC | Workstation system tray icon. |
Advantages | Seamless migration between directories with minimal disruption to the user. Automatically maintains data integrity between directories. | Export and import data from entire containers, both data stored on the container and on users within the container. Flexible. Can also be used to delete. | Graphical interface, easy to use. Easily converts from test to production environment with a few mouse clicks. | Graphical utility, easy to use. Can be used to migrate from / to any directories of the same or different types. |
Limitations | Current version (released with NSL8) only works on a per user basis. | Works well with directories of the same type. While it can be done with some difficulity, SLAPTool was not designed for using between different directory types (e.g. AD – eDir). | Does not back up stored user credentials. | Must be run by the user; not available to administrators. |
For more information see the online documentation for slMigrationHelper, slAP Tool, using the management tool plugins, or backing up and restoring from the workstation.
Additional Information
Note that the cleanest and easiest way to copy SecureLogin data between eDirectory and Active Directory is with NetIQ Identity Manager (IDM). All SecureLogin data for both users and containers can be migrated and / or synchronized between Active Directory and eDirectory with IDM. This solution requires that SecureLogin passphrases be enabled. Configure IDM with the following schema mappings and filter:
![]()
Schema mappings:
Filter: