[Freeipa-users] Migration from FreeIPA 3.0 to 4.x
Christophe TREFOIS
christophe.trefois at uni.lu
Fri Mar 24 10:58:34 UTC 2017
I’m not expert but I think ipa-replica-prepare is depcrecated in 4.4 as the procedure become more simple.
I think setting up a new cluster of CentOS 7.3 machines and setting up replicas against the old cluster is sufficient.
What do the experts say?
--
Dr Christophe Trefois, Dipl.-Ing.
Technical Specialist / Post-Doc
UNIVERSITÉ DU LUXEMBOURG
LUXEMBOURG CENTRE FOR SYSTEMS BIOMEDICINE
Campus Belval | House of Biomedicine
6, avenue du Swing
L-4367 Belvaux
T: +352 46 66 44 6124
F: +352 46 66 44 6949
http://www.uni.lu/lcsb <http://www.uni.lu/lcsb>
<https://www.facebook.com/trefex> <https://twitter.com/Trefex> <https://plus.google.com/+ChristopheTrefois/> <https://www.linkedin.com/in/trefoischristophe> <http://skype:Trefex?call>
----
This message is confidential and may contain privileged information.
It is intended for the named recipient only.
If you receive it in error please notify me and permanently delete the original message and any copies.
----
> On 24 Mar 2017, at 00:54, Zak Peirce <zak.peirce at zoom.us> wrote:
>
> I am looking to take this same journey. I found this guide, it seems like
> it covers all the bases
>
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/h
> tml/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrade-6-to-7.h
> tml
>
>
> -Zak
>
> -----Original Message-----
> From: freeipa-users-bounces at redhat.com
> [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Dagan
> Sent: Thursday, March 23, 2017 3:52 PM
> To: freeipa-users at redhat.com
> Subject: [Freeipa-users] Migration from FreeIPA 3.0 to 4.x
>
> Hi,
>
> I am hoping someone will be able to help answer some questions about
> migrations.
>
> I have been asked to look at upgrading an existing FreeIPA installation on
> CentOS 6 (3.0.0) to a new installation on CentOS 7 with a recent stable
> release (4.4.0).
>
> The existing CentOS 6 installation does not manage DNS or have a CA that
> is being used (though the may be installed. It's primarily for user
> authentication and user group management.
>
> There are only a small number of users, groups, and hosts to migrate -
> less than 100 of each.
> But the data is used for LDAP integration in various applications so it
> needs to be consistent.
>
> Would it be recommended to do a straight LDIF type export and import of
> the data, and configure the new FreeIPA installation for the new
> access/sudo rules?
>
> Would that risk leaving behind any data I would need to know about?
>
> We are planning to review the sudo rules, host access lists etc as part of
> the migration work. So leaving behind some data may not be a blocker to
> upgrade.
>
> Any suggestions or links welcome.
>
> Cheers,
> Dagan McGregor
>
>
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170324/4c1e1915/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3509 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170324/4c1e1915/attachment.p7s>
More information about the Freeipa-users
mailing list