On 01/22/2013 03:39 PM, Matthew Barr wrote: > We've got a freeipa system installed, but it's experiencing some bugs. > I suspect some of it came from adding & removing a replica, as well > as upgrading from prior versions. > (we're on centos 6.3 now) > > We're about to do a datacenter rebuild & move, and I'd like to start > from scratch, yet still import the users & their passwords. I > suspect we can just do a clean build in the new site, and just do a > migrate of the users via the ldap method.
Which exactly LDAP method? ldif dump and load? This would not work well unless you also manage to move certs and kerberos master key over which is really hard. > > Thoughts? I don't anticipate moving any hardware that's enrolled from > site to site, so certs & the like shouldn't be a factor. > If you are instead of dump and load will install a new IPA server it will not have any old data and will have new certs and kerberos keys. You would have to re-enroll all your clients once again. Users would have to deal with the password change after you read in users using ipa migrate-ds. Other information also would have be precreated using ipa commands but this can be scripted by taking an LDIF and creating a series of ipa commands to add data into the new instance. > > Matthew Barr > Technical Architect > E: [email protected] <mailto:[email protected]> > AIM: matthewbarr1 > c: (646) 727-0535 > > > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
