[Freeipa-users] Migration from FreeIPA 1.2.1 to 2
Simo Sorce
simo at redhat.com
Wed May 25 21:54:14 UTC 2011
On Wed, 2011-05-25 at 17:00 -0400, Dan Scott wrote:
> Hello,
>
> I have a FreeIPA 1.2.1 system (1 master and 1 replica server) running
> on Fedora 14. I'd like to migrate to FreeIPA 2, now that Fedora 15 has
> been released. But I have a few questions:
>
> 1. Can Fedora 15 clients authenticate against my FreeIPA 1 servers?
Yes but you should configure them as normal LDAP+Krb clients not FreeIPA
clients.
> 2. Can Fedora 14 (and older, and Windows and Mac) clients authenticate
> against FreeIPA 2 servers?
Yes as normal LDAP+Krb clients.
> 3. Can I migrate the servers from FreeIPA 1 to 2 (presumably requiring
> an upgrade from Fedora 14 to 15 along the way).
You need to perform an actual data migration, I suggest you install a
separate box with F15 + freeipa v2 and migrate accounts from the v1
instance. Direct upgrades from v1 to v2 by way of an rpm upgrade are not
possible.
> Overall, my questions boil down to this: Can I migrate systems as and
> when possible/convenient, or do I have to do 'everything' in one go?
You don't have to do everything in one go, except for the server
instances (unless you can live for a while in a split brain situation).
> I looked through the documentation, but the V2 docs currently seem
> quite developer-centric, does anyone have any links for me?
Take a look at this:
http://obriend.fedorapeople.org/freeIPA2.0/Identity_and_Policy_Management_Guide/html-single/
Still a work in progress but there is a lot already.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list