[Freeipa-users] Export data
Petr Spacek
pspacek at redhat.com
Wed Jan 22 13:52:02 UTC 2014
On 22.1.2014 14:40, Rob Crittenden wrote:
> Martin Kosek wrote:
>> On 01/22/2014 01:48 PM, Choudhury, Suhail wrote:
>>> Hi guys,
>>>
>>> I trying to get a dump of all users, hosts and DNS entries from IPA so
>>> we can run scripts/Puppet against them.
>>>
>>> Tried searching for it but cannot find anything, so was hoping someone
>>> can give some hints on how best to do this please.
>>>
>>
>> You can either export them via ldapsearch:
>>
>> $ kinit admin
>> $ ldapsearch -h `hostname` -Y GSSAPI -b
>> 'cn=users,cn=accounts,dc=example,dc=com'
>>
>>
>> ... or for write a Python script to do what you want. Very simple example:
>>
>> $ kinit admin
>> $ python
>>>>> from ipalib import api
>>>>> api.bootstrap()
>>>>> api.finalize()
>>>>> api.Backend.xmlclient.connect()
>>>>> users = api.Command.user_find()
>>>>> for user in users['result']:... print "%s:%s:%s" % (user['uid'][0],
>> user['uidnumber'][0], user['gidnumber'][0])
>> ...
>> admin:1913600000:1913600000
>> tuser:1913600001:1913600001
>
> Be aware that there are some search limits too, both in size and time. Some of
> this is configurable from the client side, some on the server.
You can use standard zone transfer for DNS:
See
https://www.redhat.com/archives/freeipa-users/2013-September/msg00022.html
https://www.redhat.com/archives/freeipa-users/2013-September/msg00047.html
--
Petr^2 Spacek
More information about the Freeipa-users
mailing list