Drew Erny wrote:
More newbie questions. I have what I believe to be a fix for Ticket
#2547 (https://fedorahosted.org/freeipa/ticket/2547) written, but I need
to test this fix. I need to migrate an LDAP database that is in the
previously expected for (all users and groups under 1 level) and migrate
an LDAP database that is in a nested form where there might be many
sub-ou's to search for users and groups. I need to make sure the outcome
of both migrations is the same.
What would be the best way to go about this, more specifically than "set
up two LDAP server and migrate them". Like, what tools are available to
help me get this set up? Also, how can I preserve my work so that next
time we have to modify migration code, it can be easily tested? Should I
spin up VMs and save the images?
Also, I can just send a patch if someone feels so utterly confident in
the codebase that they can tell if the thing I've done is right or wrong
just by looking at it.
I'm pretty sure the 389-ds team has scripts to generate test users and
groups in ldif format. I'd ask them for it.
I'd use this to seed an openldap server install, then migrate from that.
You can learn how to setup openldap at
I believe migration testing is something that is missing in the in-tree
tests (ipatests). Perhaps a test could be made that fires up an openldap
server on an unprivileged port and either generates a bunch of
users/groups and imports it or uses a pre-canned ldif (one is slow but
more random, the other faster but runs the risk of missign things).
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code