Conferences & Events
Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Message from firstname.lastname@example.org
For us we had to offer an opt-in period, not an all or nothing. So again we wrote a web based tool so user's could login with their LDAP and click a button to "Switch" from our old unix system to Google.
The switch behind the scenes set their Google password and put a forward in their account on the old server(ssh in and set .forward file) to point to an alias domain that routed to their Google account. It did increase the "hop" count of email delivery slightly but still well within the typical 25 limit.
When they logged into the web tool with their LDAP, we took the opportunity to capture their current LDAP password as plain text, from the password input box on the page, and stored it temporarily in their web session on the server. The session expired over time or upon logout as you would expect, so we never had more than a few at a time.