<html><head>
    <meta content="text/html; charset=windows-1252" http-equiv="Content-Type" />
  
  </head><body bgcolor="#FFFFFF" text="#000000">Thanks for the clarification Standa. <br>
<br>
Cheers, <br>
Dagan McGregor <br><br><div class="gmail_quote">On 25 March 2017 12:39:22 AM NZDT, Standa Laznicka <slaznick@redhat.com> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">

  
    <div class="moz-cite-prefix">While I don't consider myself an
      expert, I should note that ipa-replica-prepare has not been
      deprecated. The proposed solution to follow <br />
      <pre wrap=""><a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/h">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrade-6-to-7.html</a>

</pre>
      is indeed the correct one.<br />
      <br />
      Not to be confused about ipa-replica-prepare: this command shall
      not be used on domain level 1 machines since the replication is<br />
      solved in a smarter and more automatic way. The command would not
      work on domain level 1 anyway.<br />
      <br />
      HTH,<br />
      Standa<br />
      <br />
      On 03/24/2017 11:58 AM, Christophe TREFOIS wrote:<br />
    </div>
    <blockquote cite="mid:9BE76508-A614-461B-A4D3-D8C765FF4721@uni.lu" type="cite">
      <meta http-equiv="Content-Type" content="text/html;          charset=windows-1252" />
      I’m not expert but I think ipa-replica-prepare is depcrecated in
      4.4 as the procedure become more simple.
      <div class=""><br class="" />
      </div>
      <div class="">I think setting up a new cluster of CentOS 7.3
        machines and setting up replicas against the old cluster is
        sufficient.</div>
      <div class=""><br class="" />
      </div>
      <div class="">What do the experts say?<br class="" />
        <div class="">
          <div style="color: rgb(0, 0, 0); letter-spacing: normal;              orphans: auto; text-align: start; text-indent: 0px;              text-transform: none; white-space: normal; widows: auto;              word-spacing: 0px; -webkit-text-stroke-width: 0px;              word-wrap: break-word; -webkit-nbsp-mode: space;              -webkit-line-break: after-white-space;" class="">
            <div style="color: rgb(0, 0, 0); letter-spacing: normal;                orphans: auto; text-align: start; text-indent: 0px;                text-transform: none; white-space: normal; widows: auto;                word-spacing: 0px; -webkit-text-stroke-width: 0px;                word-wrap: break-word; -webkit-nbsp-mode: space;                -webkit-line-break: after-white-space;" class="">
              <div style="color: rgb(0, 0, 0); letter-spacing: normal;                  orphans: auto; text-align: start; text-indent: 0px;                  text-transform: none; white-space: normal; widows: auto;                  word-spacing: 0px; -webkit-text-stroke-width: 0px;                  word-wrap: break-word; -webkit-nbsp-mode: space;                  -webkit-line-break: after-white-space;" class="">
                <p style="font-family: Arial, sans-serif; font-size:                    10pt; line-height: 16px; color: rgb(33, 33, 33);" class=""><span style="color: rgb(61, 59, 59); display:                      inline;" class="">-- </span></p>
                <p style="font-family: Arial, sans-serif; font-size:                    10pt; line-height: 16px; color: rgb(33, 33, 33);" class=""><span style="font-weight: bold; color:                      rgb(61, 59, 59); display: inline;" class="">Dr
                    Christophe Trefois, Dipl.-Ing.</span><span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span><span style="display: inline;" class=""></span><br class="" />
                  <span style="color: rgb(61, 59, 59); display: inline;                      font-size: 7.5pt;" class="">Technical Specialist /
                    Post-Doc</span></p>
                <p style="font-family: Arial, sans-serif; font-size:                    7.5pt; line-height: 16px;" class=""><span style="font-weight: bold; color: rgb(61, 59, 59);                      display: inline;" class="">UNIVERSITÉ DU LUXEMBOURG</span><br class="" />
                  <span style="display: inline;" class=""><br class="" />
                  </span><span style="font-weight: bold; color: rgb(61,                      59, 59); display: inline;" class="">LUXEMBOURG
                    CENTRE FOR SYSTEMS BIOMEDICINE</span><br class="" />
                  <span style="color: rgb(61, 59, 59); display: inline;" class="">Campus Belval | House of Biomedicine<span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span><br class="" />
                    <span class="Apple-converted-space">6, avenue du
                      Swing </span><br class="" />
                    L-4367 Belvaux<span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span></span><br class="" />
                  <span style="color: rgb(61, 59, 59); display: inline;" class="">T:<span class="Apple-converted-space"> </span></span><span style="color: rgb(61, 59, 59); display: inline;" class="">+352 46 66 44 6124</span><span class="Apple-converted-space"> </span><br class="" />
                  <span style="color: rgb(61, 59, 59); display: inline;" class="">F:<span class="Apple-converted-space"> </span></span><span style="color: rgb(61, 59, 59); display: inline;" class="">+352 46 66 44 6949</span><span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span><span style="display: inline;" class=""><br class="" />
                  </span><a moz-do-not-send="true" href="http://www.uni.lu/lcsb" style="color: rgb(0,                      109, 189); display: inline;" class="">http://www.uni.lu/lcsb</a></p>
                <p style="font-family: Arial, sans-serif; font-size:                    14px; line-height: 16px;" class=""><a moz-do-not-send="true" href="https://www.facebook.com/trefex" style="display: inline;" class=""><img moz-do-not-send="true" data-filename="facebook.png" src="https://s3.amazonaws.com/htmlsig-assets/rounded/facebook.png" alt="Facebook" class="" height="24" width="24" /></a><span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span><a moz-do-not-send="true" href="https://twitter.com/Trefex" style="display:                      inline;" class=""><img moz-do-not-send="true" data-filename="twitter.png" src="https://s3.amazonaws.com/htmlsig-assets/rounded/twitter.png" alt="Twitter" class="" height="24" width="24" /></a><span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span><a moz-do-not-send="true" href="https://plus.google.com/+ChristopheTrefois/" style="display: inline;" class=""><img moz-do-not-send="true" data-filename="googleplus.png" src="https://s3.amazonaws.com/htmlsig-assets/rounded/googleplus.png" alt="Google Plus" class="" height="24" width="24" /></a><span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span><a moz-do-not-send="true" href="https://www.linkedin.com/in/trefoischristophe" style="display: inline;" class=""><img moz-do-not-send="true" data-filename="linkedin.png" src="https://s3.amazonaws.com/htmlsig-assets/rounded/linkedin.png" alt="Linkedin" class="" height="24" width="24" /></a><span class="Apple-converted-space"> </span><span class="Apple-converted-space"> </span><a moz-do-not-send="true" href="http://skype:Trefex?call" style="display:                      inline;" class=""><img moz-do-not-send="true" data-filename="skype.png" src="https://s3.amazonaws.com/htmlsig-assets/rounded/skype.png" alt="skype" class="" height="24" width="24" /></a></p>
                <p style="font-family: Arial, sans-serif; color: rgb(61,                    59, 59); font-size: 9px; line-height: 16px;" class="">----<br class="" />
                  This message is confidential and may contain
                  privileged information.<span class="Apple-converted-space"> </span><br class="" />
                  It is intended for the named recipient only.<span class="Apple-converted-space"> </span><br class="" />
                  If you receive it in error please notify me and
                  permanently delete the original message and any
                  copies.<span class="Apple-converted-space"> </span><br class="" />
                  ----<br class="" />
                </p>
                 <span class="Apple-converted-space"> </span></div>
            </div>
          </div>
        </div>
        <br class="" />
        <div>
          <blockquote type="cite" class="">
            <div class="">On 24 Mar 2017, at 00:54, Zak Peirce <<a moz-do-not-send="true" href="mailto:zak.peirce@zoom.us" class="">zak.peirce@zoom.us</a>> wrote:</div>
            <br class="Apple-interchange-newline" />
            <div class="">
              <div class="">I am looking to take this same journey.  I
                found this guide, it seems like<br class="" />
                it covers all the bases<br class="" />
                <br class="" />
                <a moz-do-not-send="true" href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/h" class="">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/h</a><br class="" />
tml/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrade-6-to-7.h<br class="" />
                tml<br class="" />
                <br class="" />
                <br class="" />
                -Zak<br class="" />
                <br class="" />
                -----Original Message-----<br class="" />
                From: <a class="moz-txt-link-abbreviated" href="mailto:freeipa-users-bounces@redhat.com">freeipa-users-bounces@redhat.com</a><br class="" />
                [<a class="moz-txt-link-freetext" href="mailto:freeipa-users-bounces@redhat.com">mailto:freeipa-users-bounces@redhat.com</a>] On Behalf Of
                Dagan<br class="" />
                Sent: Thursday, March 23, 2017 3:52 PM<br class="" />
                To: <a class="moz-txt-link-abbreviated" href="mailto:freeipa-users@redhat.com">freeipa-users@redhat.com</a><br class="" />
                Subject: [Freeipa-users] Migration from FreeIPA 3.0 to
                4.x<br class="" />
                <br class="" />
                Hi,<br class="" />
                <br class="" />
                I am hoping someone will be able to help answer some
                questions about<br class="" />
                migrations.<br class="" />
                <br class="" />
                I have been asked to look at upgrading an existing
                FreeIPA installation on<br class="" />
                CentOS 6 (3.0.0) to a new installation on CentOS 7 with
                a recent stable<br class="" />
                release (4.4.0).<br class="" />
                <br class="" />
                The existing CentOS 6 installation does not manage DNS
                or have a CA that<br class="" />
                is being used (though the may be installed. It's
                primarily for user<br class="" />
                authentication and user group management.<br class="" />
                <br class="" />
                There are only a small number of users, groups, and
                hosts to migrate -<br class="" />
                less than 100 of each.<br class="" />
                But the data is used for LDAP integration in various
                applications so it<br class="" />
                needs to be consistent.<br class="" />
                <br class="" />
                Would it be recommended to do a straight LDIF type
                export and import of<br class="" />
                the data, and configure the new FreeIPA installation for
                the new<br class="" />
                access/sudo rules?<br class="" />
                <br class="" />
                Would that risk leaving behind any data I would need to
                know about?<br class="" />
                <br class="" />
                We are planning to review the sudo rules, host access
                lists etc as part of<br class="" />
                the migration work. So leaving behind some data may not
                be a blocker to<br class="" />
                upgrade.<br class="" />
                <br class="" />
                Any suggestions or links welcome.<br class="" />
                <br class="" />
                Cheers,<br class="" />
                Dagan McGregor<br class="" />
                <br class="" />
                <br class="" />
                <br class="" />
                <br class="" />
                -- <br class="" />
                Manage your subscription for the Freeipa-users mailing
                list:<br class="" />
                <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br class="" />
                Go to <a class="moz-txt-link-freetext" href="http://freeipa.org">http://freeipa.org</a> for more info on the project<br class="" />
                <br class="" />
                -- <br class="" />
                Manage your subscription for the Freeipa-users mailing
                list:<br class="" />
                <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br class="" />
                Go to <a class="moz-txt-link-freetext" href="http://freeipa.org">http://freeipa.org</a> for more info on the project<br class="" />
              </div>
            </div>
          </blockquote>
        </div>
        <br class="" />
      </div>
      <br />
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br />
    </blockquote>
    <p><br />
    </p>
  
</blockquote></div></body></html>