[Freeipa-devel] [PATCHES] IPA to DS migration.
Rob Crittenden
rcritten at redhat.com
Wed Jan 20 21:55:02 UTC 2010
Pavel Zuna wrote:
> Ok, here's the latest version of IPA to DS migration "suite".
>
> It includes the following:
> - A fix for a name collision in textui, Jason's big patch added a second
> method named print_entry. Nobody noticed there was one already.
> - Patch to the ipa-pwd-extop plugin to allow adding entries with
> pre-hashed password if migration mode is enabled.
> - BIND pre-operation plugin to generate Kerberos keys on simple BIND's
> if missing.
> - Migration plugin.
> - Option in config plugin to enable/disable migration mode.
> - Password migration page.
>
> what has changed since the last version:
> - LDAP backend is used to connect to DS, no more low level python-ldap
> calls.
> - The plugin checks if migration is enabled and gives direction on how
> to enable it.
> - The plugin can now be extended to support other objects than just
> users and groups. You just need to create an LDAPObject and add it's
> name along with a search filter (to find the objects in DS) and
> optionaly callbacks to handle special cases. There's some inline
> documentation.
> - LDAP URI validation.
> - Better error messages.
> - Fixed typos.
>
> The migration won't be easy to test, so tomorrow I'll setup 2 VMs on the
> blades. One with IPA + migration "suite" and one with DS along with some
> scripts to generate objects that I used for testing.
>
> Using the migration plugin is really easy, you just point it to the DS
> server and enter the directory manager password.
>
> Pavel
ack, pushed to master
More information about the Freeipa-devel
mailing list