[Freeipa-users] export entire ldap/kerberos/etc onto a new host
Peter Doherty
doherty at hkl.hms.harvard.edu
Tue Feb 8 14:49:31 UTC 2011
On Feb 3, 2011, at 11:41 , Dmitri Pal wrote:
> On 02/03/2011 10:51 AM, Peter Doherty wrote:
>>
>> On Feb 3, 2011, at 10:35 , Stephen Gallagher wrote:
>>
>>>
>>> - From the earlier points of the discussion, schema migration is
>>> planned
>>> for upgrades from 2.0.0 to future versions. It's only something
>>> that was
>>> left out of the alpha/beta process because things were still in
>>> churn
>>> and those releases were never intended to be in production. Once
>>> 2.0.0
>>> is baked, obviously the upgrade path will need to be clean.
>>
>>
>> Is there a plan to include the ability for users of 1.2 to migrate to
>> 2.0?
>> I'd consider setting up and using 1.2 right now if I know that I can
>> migrate to 2.0 when the stable release comes out.
>>
>
> This is a use case that we have in mind. v1 is treated as an
> external DS
> thought.
> This migration is planned through the migrate-ds + SSSD or special
> page
> to migrate passwords. The v1 and v2 schemas are drastically different
> but v1 just has users and groups and migrate-ds script takes care of
> it.
> This is well covered in the migration guide.
>
> <snip>
>
> Thanks
> Dmitri
For the curious out there, I set up a FreeIPA 1.2 server and recreated
all the users and groups, and dumped and imported the other LDAP info
(mostly automount maps) User passwords were reset. It took most of a
day, but things are running again. If/when there's a migration path
into v2 I'll look into it. From what I've seen the feature set in v2
is nice, I'm looking forward to seeing the final product.
Peter
More information about the Freeipa-users
mailing list