[Freeipa-devel] [PATCH] 075 Add ignore lists to migrate-ds command
Rob Crittenden
rcritten at redhat.com
Tue Jun 14 17:43:03 UTC 2011
Martin Kosek wrote:
> On Thu, 2011-06-09 at 15:14 -0400, Rob Crittenden wrote:
>> Martin Kosek wrote:
>>> How to test:
>>> 1) Create a custom DS instance with for example 60radius.ldif schema
>>> present (as in the original report in ticket #1266)
>>> 2) Populate DS with users/groups with custom unsupported object
>>> class/attribute
>>> 3) Try to migrate these users and groups to IPAv2. Only the enhanced
>>> migrate-ds command should be successful:
>>>
>>> # ipa migrate-ds ldap://vm-102.idm.lab.bos.redhat.com:389
>>> --schema=RFC2307 --user-objectclass=posixAccount
>>> --group-objectclass=posixgroup --user-container='ou=People'
>>> --group-container='cn=Accounting Managers,ou=Groups'
>>> --user-ignore-objectclass=radiusprofile,radiusclientprofile
>>> --user-ignore-attribute=radiusclientsecret,radiusclientipaddress
>>>
>>> ---
>>> When user migrates users/groups from an old DS instance, the
>>> migration may fail on unsupported object classes and/or
>>> relevant LDAP object attributes.
>>>
>>> This patch implements a support for object class and attribute
>>> ignore lists that can be used to suppress these migration issues.
>>>
>>> Additionally, a redundant "dev/null" file is removed from git repo
>>> (originally added in 26b0e8fc9809a4cd9f2f9a2281f0894e2e0f8db2).
>>>
>>> https://fedorahosted.org/freeipa/ticket/1266
>>
>> This isn't applying to master, the blacklists hunk and I wasn't sure
>> either where it should go.
>>
>> I did notice one general problem though: objectclasses should be treated
>> case insensitive.
>>
>> rob
>
> I rebased the patch. Objectclasses and attributes were already treated
> case insensitively, so no change needed there.
>
> Martin
Ack, works as advertised.
rob
More information about the Freeipa-devel
mailing list