On Wed, 2011-05-25 at 17:00 -0400, Dan Scott wrote:
> Hello,
> I have a FreeIPA 1.2.1 system (1 master and 1 replica server) running
> on Fedora 14. I'd like to migrate to FreeIPA 2, now that Fedora 15 has
> been released. But I have a few questions:
> 1. Can Fedora 15 clients authenticate against my FreeIPA 1 servers?

Yes but you should configure them as normal LDAP+Krb clients not FreeIPA

> 2. Can Fedora 14 (and older, and Windows and Mac) clients authenticate
> against FreeIPA 2 servers?

Yes as normal LDAP+Krb clients.

> 3. Can I migrate the servers from FreeIPA 1 to 2 (presumably requiring
> an upgrade from Fedora 14 to 15 along the way).

You need to perform an actual data migration, I suggest you install a
separate box with F15 + freeipa v2 and migrate accounts from the v1
instance. Direct upgrades from v1 to v2 by way of an rpm upgrade are not

> Overall, my questions boil down to this: Can I migrate systems as and
> when possible/convenient, or do I have to do 'everything' in one go?

You don't have to do everything in one go, except for the server
instances (unless you can live for a while in a split brain situation).

> I looked through the documentation, but the V2 docs currently seem
> quite developer-centric, does anyone have any links for me?

Take a look at this:

Still a work in progress but there is a lot already.


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to