Jenny Galipeau wrote:
Michael Kang wrote:
Dear FreeIPA community,

My PL wants to migrate a directory server(storing employees info and Linux user accounts) from 389-ds(1.1.x) to FreeIPA(1.2.2). I backed up from the command line using the */db2bak/* command-line script. I got two LDIF files and two folders(userRoot and NetscapeRoot) which contains many db4 files.

After reading the FreeIPA Administrator Guide, I realized there is no */db2bak/* or */bak2db/* commands for FreeIPA users. So I copy those LDIF files and folders to /var/lib/dirsrv/<ds instance> directly. Then I run */service dirsvr restart/*, the dirsvr instance cannot start anymore. The instance names of 389-ds and FreeIPA are different.

How can I finish this hard job? Have anybody ever migrated successfully? I need your help..

remove any unneeded structural and configuration options from the ldif
convert this ldif to the IPA DIT
load the ldif

You can see the DIT we use at

Note that this will get the users added with their existing passwords but does not give them kerberos principals. We don't currently provide any mechanism for setting this on a migrated user though we are working on it.

What I would recommend also is to create a few IPA users and compare the objectclasses that we use to the users you are migrating.


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Freeipa-users mailing list

Reply via email to