On Tue, Aug 22, 2017 at 10:59 AM, Florence Blanc-Renaud via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote: > On 08/22/2017 07:53 AM, Mon Corotan via FreeIPA-users wrote: >> >> Hi.. >> >> Sorry for my this late update.. Thank you for responding to my query. >> I was able to do it on my test vm environment, replication and migration >> also works. >> >> I tried this process on production environment but unfortunately I am >> encountering an error. >> Here's my scenario, I have an FreeIPA server (old one) and another FreeIPA >> server with no users and etc. >> I need to do replication/migration so the data from the old one will be >> seen on the new ipa server. I was expecting to have a positive and smooth >> operation since I have tested it on test vm. But unfortunately an error was >> encountered "CRITICAL Failed to restart the directory server ". >> >> I checked the certificates and they are all valid and not expired also the >> pki-tomcatd service stops. My senior said that this issue was present even >> before I handled this project and they are not able to resolve this. Someone >> suggested to try using ldap commands not the ipa-tools on this so I can >> transfer user details, etc to another server. >> >> May I know if this is possible and can you give me some instructions on >> how I can do migration using ldap commands. >> Thank you!!
Do I understand it correctly that you have 2 completely separated FreeIPA servers. I.e. they are not replicas of each other created by ipa-replica-install. And you would like to transfer data from one to other. If you want to transfer only users and groups then `ipa migrate-ds` command might be an option - but it has limitation that it doesn't create user private groups. If you want to transfer more data then you would need to load the data and add it via FreeIPA API or CLI becaise FreeIPA-FreeIPA migration is not an implemented feature. See, old RFE: https://pagure.io/freeipa/issue/3656 More details in https://www.freeipa.org/page/Howto/Migration But if you want to create only IPA replica then follow Flo's suggestions. >> _______________________________________________ >> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org >> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org >> > Hi, > > can you detail the exact steps you performed, and provide logs related to > the failure when starting the directory server? > > You may want to have a look at our Troubleshooting page [1], and check which > files to provide for debugging [2]. > > HTH, > Flo > > [1] https://www.freeipa.org/page/Troubleshooting > [2] https://www.freeipa.org/page/Files_to_be_attached_to_bug_report > > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org -- Petr Vobornik _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
