Thank you! I will take this and change it suit my network and let you know.
On Monday, October 9, 2017, 12:16:05 PM CDT, Gabriel Faber via
FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote:
Here's what worked for me (all output removed):
# ipa-compat-manage disable
# systemctl restart dirsrv.target
# ipa config-mod --enable-migration=TRUE
# ipa -v migrate-ds --user-container='dc=melodis,dc=com'
--group-container='ou=Group,dc=melodis,dc=com' --user-objectclass=posixAccount
--group-objectclass=posixGroup --bind-dn='cn=Manager,dc=melodis,dc=com'
ldap://ns1.sca.melodis.com:389
# ipa-compat-manage enable
# systemctl restart dirsrv.target
# ipa config-mod --enable-migration=FALSE
Note: As we added ' ipaNTHash' for users (by running 'ipa-adtrust-install'),
I had to add a 'Range' in the GUI before running these commands. That is
probably not necessary otherwise.
Gabriel
On 10/9/2017 9:24, Andrew Meyer via FreeIPA-users wrote:
I'm heading down that route as well. But I would like to have both options
available to the boss.
I'm not sure if my syntax is incorrect. That's where I need help.
On Monday, October 9, 2017, 11:09:52 AM CDT, Mark Haney via FreeIPA-users
<freeipa-users@lists.fedorahosted.org> wrote:
Honestly, we simply built a new IPA configuration rather than try to
migrate. It's been far easier to move clients over by ripping the
OpenLDAP off and installing IPA-client than mucking with a conversion.
On 10/09/2017 11:50 AM, Andrew Meyer via FreeIPA-users wrote:
> Hello,
> I am planning to migrate from a OpenLDAP installation to FreeIPA.
>
> I have been following the directions and matching it to several blog
> posts about this however I am coming up with errors.
>
> [user@infra-test-ipa ~]$ ipa migrate-ds --user-container=users
> --group-container=group --user-objectclass=inetOrgPerson
> --group-objectclass=groupOfNames,groupOfUniqueNames
> ldap://my.host.name:389
> Password:
> ipa: ERROR: invalid 'group_container': malformed RDN string = "group"
> [user@infra-test-ipa ~]$ ipa migrate-ds --user-container=users
> --group-container=group ldap://my.host.name:389
> Password:
> ipa: ERROR: invalid 'group_container': malformed RDN string = "group"
> [user@infra-test-ipa ~]$ ipa migrate-ds --user-container=users
> --group-container=Group ldap://my.host.name:389
> Password:
> ipa: ERROR: invalid 'group_container': malformed RDN string = "Group"
> [user@infra-test-ipa ~]$ sudo kinit admin
> Password for ad...@mynewdomain.net:
> [user@infra-test-ipa ~]$ sudo ipa migrate-ds --user-container=users
> --group-container=Group ldap://my.host.name:389
> Password:
> ipa: ERROR: invalid 'group_container': malformed RDN string = "Group"
> [user@infra-test-ipa ~]$ sudo ipa migrate-ds --user-container="Users"
> --group-container=Group ldap://my.host.name:389
> Password:
> ipa: ERROR: invalid 'group_container': malformed RDN string = "Group"
> [user@infra-test-ipa ~]$ sudo ipa migrate-ds --user-container="Users"
> --base-dn="ou=Users,dc=olddomain,dc=local" --with-compat
> --group-container="Group" ldap://my.host.name:389
> Password:
> ipa: ERROR: invalid 'group_container': malformed RDN string = "Group"
>
>
> Has anyone run into this?
> I am running CentOS 7 w/ the latest version of everything.
>
>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
--
Mark Haney
Network Engineer at NeoNova
919-460-3330 option 1
mark.ha...@neonova.net
www.neonova.net
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
--
Gabriel Faber
Senior Operations Engineer
SoundHound Inc.
408-441-3267 _______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
