who is using V3 ldaps other than WCDS11.2 for windchill 12.0.1.x successfully?

I've done several of these upgrades/migrations and it always depends on how your existing WindchillDS (WDS) is structured AND how you want the target LDAP to be structured.

First, the upgrade process as explained and documented by PTC requires the use of WindchillDS 11.2 to get through the upgrade to 12.x.  The upgrade manager migrates Organizations and Groups into the database and Info*Engine (configuration node) into JSON files in %wt_home%\IEConf.  If the "cn=configuration,cn=Windchill_##.#,o=ptc" node still exists  in WindchillDS 11.2 after upgrade to 12.x, just delete it.  Only user accounts should be left in WDS.

Use Apache Directory Studio to make DN structure changes like migrating all accounts from EnterpriseLdap to AdministrativeLdap.  It is easy to use and can move multiple user accounts in one operation.  I am also getting rid of the Windchill version number from the DNs (e.g. ...,cn=Windchill,o=ptc).  We don't structure Active Directory by Windchill versions so why should we do it in OpenDJ?

Install OpenDJ Community Edition if you are OK running Java 1.8.  I believe the paid ForgeRock version of OpenDJ supports Java 11.  Go with OpenLDAP or Active Directory if you don't want Java at all.

For the OpenDJ Community Edition installation, I build a folder structure like this...

Java: D:\PTC\OpenDJ-4.4.14\Java

OpenDJ: D:\PTC\OpenDJ-4.4.14\OpenDJ

The following will set it up without installing Java with the OS and with the baseDN o=ptc.

set opendj_home=D:\PTC\OpenDJ-4.4.14\OpenDJ

set java_home=D:\PTC\OpenDJ-4.4.14\Java

pushd %opendj_home%

setup.bat -h localhost -p 389 --ldapsPort 636 --adminConnectorPort 4444 --enableStartTLS --generateSelfSignedCertificate --rootUserDN "cn=Directory Manager" --rootUserPassword P@ssw0rd --baseDN o=ptc --addBaseEntry --cli --acceptLicense --no-prompt

There are other tweaks you can do like naming the OpenDJ Java process, installing as a Windows service, and changing the Windows service name.

Migration is an export/import process.

1. From WindchillDS Control Panel, export the remaining LDAP structure and EXCLUDE attributes entryUUID, createTimestamp, and creatorsName as these are read-only in OpenDJ and will not import.

2. If all on one machine, shut down WindchillDS and start up OpenDJ.

3. Edit the exported LDIF in your favorite text editor.  Search and replace "ptcSubtree" with "organizationalRole" and save the file.  OpenDJ does not have a class named "ptcSubtree" and it will prevent import.

Always create a backup of the userRoot of OpenDJ before attempting the import.  Import can corrupt the userRoot and the only way to recover is to restore from backup or re-install OpenDJ.

4. Import the updated LDIF file into OpenDJ using the OpenDJ Control Panel.

Note: If the DNs match between WindchillDS and OpenDJ, we do not need to heal disconnected participants post LDAP migration.

If your LDAP DNs and/or Repositories have changed, then use the (Bulk) Principal Reconnect Utility available in 12.0.2.0 and later.

https://support.ptc.com/help/wnc/r12.0.2.0/en/index.html#page/Windchill_Help_Center/ParticipantAdminParticipantMigration.html