On Wed, 2011-05-25 at 17:00 -0400, Dan Scott wrote: > Hello, > > I have a FreeIPA 1.2.1 system (1 master and 1 replica server) running > on Fedora 14. I'd like to migrate to FreeIPA 2, now that Fedora 15 has > been released. But I have a few questions: > > 1. Can Fedora 15 clients authenticate against my FreeIPA 1 servers?
Yes but you should configure them as normal LDAP+Krb clients not FreeIPA clients. > 2. Can Fedora 14 (and older, and Windows and Mac) clients authenticate > against FreeIPA 2 servers? Yes as normal LDAP+Krb clients. > 3. Can I migrate the servers from FreeIPA 1 to 2 (presumably requiring > an upgrade from Fedora 14 to 15 along the way). You need to perform an actual data migration, I suggest you install a separate box with F15 + freeipa v2 and migrate accounts from the v1 instance. Direct upgrades from v1 to v2 by way of an rpm upgrade are not possible. > Overall, my questions boil down to this: Can I migrate systems as and > when possible/convenient, or do I have to do 'everything' in one go? You don't have to do everything in one go, except for the server instances (unless you can live for a while in a split brain situation). > I looked through the documentation, but the V2 docs currently seem > quite developer-centric, does anyone have any links for me? Take a look at this: http://obriend.fedorapeople.org/freeIPA2.0/Identity_and_Policy_Management_Guide/html-single/ Still a work in progress but there is a lot already. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users