[Freeipa-users] migrating from OpenLDAP to freeIPA
Rob Crittenden
rcritten at redhat.com
Thu May 1 16:58:59 UTC 2014
cbulist at gmail.com wrote:
> Hi,
>
> I am trying to migrate my database from OpenLDAP to freeIPA
> (ipa-server-3.0.0-37.el6.x86_64) but I get an error when freeIPA starts
> to import the group (all the users were imported without problem).
> This is the command that I am using for import:
>
> ipa migrate-ds --with-compat --user-container="ou=People,dc=sample,dc=com" --group-container="ou=Group,dc=sample,dc=com" --bind-dn="cn=Manager,dc=sample,dc=com" ldap://openldap.sample.com
>
> ipa: ERROR: group LDAP search did not return any result (search base:
> ou=Group,dc=sample,dc=com, objectclass: groupofuniquenames, groupofnames)
>
>
>
> This is how looks a group in openldap database:
>
> dn: cn=ftp,ou=Group,dc=sample,dc=com
> objectClass: posixGroup
> objectClass: top
> cn: ftp
> userPassword: {crypt}x
> gidNumber: 50
>
> I tried migrate it without compat support and I got the same error.
> Any clue about this problem? Thanks in advance!...
We look for RFC2307(bis) groups with an objectclass of either
groupOfUniqueNames or groupOfNames. How does your group have any members
without one of these?
You should be able to pull these in with --groupobjectclass=posixgroup
rob
More information about the Freeipa-users
mailing list