[Freeipa-users] upgrade 3.0 -> 4.1
Martin Kosek
mkosek at redhat.com
Tue Apr 7 10:54:02 UTC 2015
On 04/03/2015 04:45 PM, Tamas Papp wrote:
>
>
> On 04/03/2015 03:46 PM, Brian Topping wrote:
>>> On Apr 3, 2015, at 6:48 AM, Tamas Papp <tompos at martos.bme.hu> wrote:
>>>
>>> hi All,
>>>
>>> I have CentOS 6.6 server and want to upgrade to 7.1.
>>>
>>> What is the upgrade path, can I do it directly or first I need to make it to
>>> 3.3?
>>> Also is there any known issue I should expect with workarounds?
>> I just did this yesterday, so here's my experience. If you have a simple
>> single-server installation with no custom LDAP DIT modifications, you should
>> find "yum upgrade" does the right thing.
>>
>> If you do have DIT mods, you should ask yourself why they are there and
>> whether the data will still be accessible after the ACLs are changed. In my
>> case, I had Postfix using a LDAP hash and mail delivery stopped working
>> (although the domain data was still there just fine).
>>
>> Note that the ACLs will propagate from the 4.1 server to your 3.0 if they are
>> replicated. To be safe, back up all replicas (snapshot or whatnot) before the
>> first upgrade and if you decide to restore any of them, be sure everything is
>> shut down and restore all of them to avoid 4.x schema contaminating 3.0 as
>> they come up.
>
> Ouch, that must have hurt:)
> As far as I recall, we have just very small custom changes.
Then you should be able to follow the standard migration path without too much
issue.
To check the biggest changes in FreeIPA 4.1, compared to the old FreeIPA 3.x
versions, see
http://www.freeipa.org/page/Releases/4.0.0
http://www.freeipa.org/page/Releases/4.1.0
Martin
More information about the Freeipa-users
mailing list