Hi Rob, Thanks for the reply.
User Private Group didn't get migrated. When I login I see Group number being a number. How do I migrate UPG over? Thanks very much! Tony On Mon, Apr 10, 2023, 7:34 AM Rob Crittenden <[email protected]> wrote: > Tony Super via FreeIPA-users wrote: > > Hello, > > > > I am trying to migrate from my an IPA server that has FIPS disabled to > an IPA server that has FIPS enabled. Both the old and the new IPA will have > DNS, CA, and etc. > > > > I ran: ipa migrate-ds --bind-dn="cn=Directory Manager" > --user-container=cn=users,cn=accounts > --group-container=cn=groups,cn=accounts --group-objectclass=posixgroup > --user-ignore-objectclass=mepOriginEntry --with-compat ldap:// > oldipa.server.com However, when I login to a client machine connected to > the new IPA server, my file ownership becomes htony : nobody. > > > > What steps have I missed within the migration process? > > > > I've tried exporting cn=groups tree from the old IPA server into a LDIF > and imported to the new IPA server, but it did not solve the problem. > > Did your user-private groups migrate? Is there an htony group? What is > the group value in getent passwd htony? > > > For everything else, DNS, sudoers, automount, and etc, can I simply > export from the old server and import into the new server? > > Probably. It's possible you might have to massage some of the entries > but I don't know of anything specific. > > > I also have 100+ client machines, is there an easy way where I can > unjoin the machines from old-ipa-server and then join to the > new-ipa-server? (My infrastructure is Ansible-enabled) > Take a look at the ansible-freeipa project (and not freeipa-ansible). > > rob > >
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
