<div dir="ltr">Would you use ldapmodify -f file-name-with-exported-data to import the data back to a new copy of FreeIPA?<div><br></div><div>Thanks</div><div><br></div><div>Dimitar</div></div><div class="gmail_extra"><br><br>
<div class="gmail_quote">On Wed, Jan 22, 2014 at 8:52 AM, Petr Spacek <span dir="ltr"><<a href="mailto:pspacek@redhat.com" target="_blank">pspacek@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5">On 22.1.2014 14:40, Rob Crittenden wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Martin Kosek wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 01/22/2014 01:48 PM, Choudhury, Suhail wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi guys,<br>
<br>
I trying to get a dump of all users, hosts and DNS entries from IPA so<br>
we can run scripts/Puppet against them.<br>
<br>
Tried searching for it but cannot find anything, so was hoping someone<br>
can give some hints on how best to do this please.<br>
<br>
</blockquote>
<br>
You can either export them via ldapsearch:<br>
<br>
$ kinit admin<br>
$ ldapsearch -h `hostname` -Y GSSAPI -b<br>
'cn=users,cn=accounts,dc=<u></u>example,dc=com'<br>
<br>
<br>
... or for write a Python script to do what you want. Very simple example:<br>
<br>
$ kinit admin<br>
$ python<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

from ipalib import api<br>
api.bootstrap()<br>
api.finalize()<br>
api.Backend.xmlclient.connect(<u></u>)<br>
users = api.Command.user_find()<br>
for user in users['result']:...     print "%s:%s:%s" % (user['uid'][0],<br>
</blockquote></blockquote></blockquote>
user['uidnumber'][0], user['gidnumber'][0])<br>
...<br>
admin:1913600000:1913600000<br>
tuser:1913600001:1913600001<br>
</blockquote>
<br>
Be aware that there are some search limits too, both in size and time. Some of<br>
this is configurable from the client side, some on the server.<br>
</blockquote>
<br></div></div>
You can use standard zone transfer for DNS:<br>
<br>
See<br>
<a href="https://www.redhat.com/archives/freeipa-users/2013-September/msg00022.html" target="_blank">https://www.redhat.com/<u></u>archives/freeipa-users/2013-<u></u>September/msg00022.html</a><br>
<a href="https://www.redhat.com/archives/freeipa-users/2013-September/msg00047.html" target="_blank">https://www.redhat.com/<u></u>archives/freeipa-users/2013-<u></u>September/msg00047.html</a><span class="HOEnZb"><font color="#888888"><br>

<br>
-- <br>
Petr^2 Spacek</font></span><div class="HOEnZb"><div class="h5"><br>
<br>
______________________________<u></u>_________________<br>
Freeipa-users mailing list<br>
<a href="mailto:Freeipa-users@redhat.com" target="_blank">Freeipa-users@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/freeipa-users" target="_blank">https://www.redhat.com/<u></u>mailman/listinfo/freeipa-users</a><br>
</div></div></blockquote></div><br></div>