[Freeipa-users] Migration from RHEL6 (3.0.0-42) to CentOS7 (3.3.3-28.0.1)

Benjamin Reed ranger at opennms.org
Tue Mar 10 13:46:02 UTC 2015 

On 3/10/15 9:31 AM, Alexander Bokovoy wrote:
> Are you following these instructions?
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/migrating-ipa-proc.html


Aha!  No.  There are so many false positives in google I had no idea
that document existed.  Pretty much everything I've found that links to
"how to migrate" takes me to this:

http://www.freeipa.org/page/Howto/Migration#Migrating_to_different_platform_or_OS

...which in turn pointed to this:

http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/Setting_up_IPA_Replicas.html

I didn't see anything about RHEL6->RHEL7 or FreeIPA 3.0->3.3
http://www.freeipa.org/page/Documentation unless I missed it.  The 3.3
section on there is pretty much just a collection of things about new
features.  (And a presentation deck that points to that first link above...)

Anyways, thank you for the link.  That makes it much clearer.

I do have one problem now. I currently have the following systems:

connect: RHEL6, FreeIPA master
auth.internal: CentOS6, FreeIPA replica
auth: CentOS7, migration target

Following the instructions you linked, I ran the copy-schema-to-ca.py
script on connect, and it completed successfully.  I then tried to run
it on auth.internal (the CentOS6 replica) and it fails with this error:

> python copy-schema-to-ca.py
> Traceback (most recent call last):
>   File "copy-schema-to-ca.py", line 85, in <module>
>     main()
>   File "copy-schema-to-ca.py", line 79, in main
>     add_ca_schema()
>   File "copy-schema-to-ca.py", line 42, in add_ca_schema
>     pki_pent = pwd.getpwnam(PKI_USER)
> KeyError: 'getpwnam(): name not found: pkiuser'

...am I supposed to run this script the replica as well?  Or is
something broken on my replica?

Thanks,
Ben

-- 
Benjamin Reed
The OpenNMS Group
http://www.opennms.org/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150310/aac4bdb7/attachment.sig>

More information about the Freeipa-users mailing list