[Freeipa-users] migrating 3.0 -> 4.1: passwords not migrated?
Martin Kosek
mkosek at redhat.com
Wed Jun 10 13:35:27 UTC 2015
On 06/10/2015 03:32 PM, Christopher Lamb wrote:
> Hi Tamas
>
> I think the general advice is to replicate rather than to migrate. I am
> sure Martin K will jump in on this.
Yes :-)
> However some weeks ago, when doing a very similar move to yours, we chose
> to migrate (we were misled by some very old FreeIPA docus that have since
> been archived).
>
> In our case passwords were successfully migrated, so the users were able to
> use the same user / password combo as before.
>
>
> I will see if I can dig out the migrate command we used at the time.
Did you use the migration command advised in
https://www.freeipa.org/page/Howto/Migration#Migrating_from_other_FreeIPA_to_FreeIPA
?
>
> Chris
>
>
>
> From: Tamas Papp <tompos at martos.bme.hu>
> To: freeipa-users at redhat.com
> Date: 10.06.2015 15:19
> Subject: [Freeipa-users] migrating 3.0 -> 4.1: passwords not migrated?
> Sent by: freeipa-users-bounces at redhat.com
>
>
>
> hi,
>
> Currently there are CentOS 6.5 servers and IPA 3.0.
>
> The goal is migrating users to CentOS 7.1 and IPA 4.1.
>
> This is the command I use:
>
>
> $ ipa migrate-ds ldap://ipa11
> --user-container=cn=users,cn=accounts,dc=foo
> --group-container=cn=groups,cn=accounts,dc=foo --base-dn=dc=foo
> --with-compat < ~/.pw.manager
>
>
> Users are migrated successfully but password must be reset, otherwise
> they cannot logon. Any idea, what's going on?
>
>
>
>
> I also have a bonus question.
> How can I migrate the cn=sysaccounts,cn=etc,dc=cxn tree? Do I need to
> export/import it as ldif and that's all?
>
>
> Thanks,
> tamas
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
>
>
>
More information about the Freeipa-users
mailing list