We are migrating from an ancient FreeIPA 2.0 server to a 3.1.5 server. Is 
there a documented procedure to export all the data from the 2.0 server and 
import it into the 3.1.5 server?

If I copy files over (PKI DB, main IPA DB, Kerberos stuff), will they be 
upgraded on next restart, or is it much, much, more complicated than that.

So far, I have the rough steps (see attached). But I don't know for sure if 
that will work.

Any ideas or insights?



Joshua J. Kugler - Fairbanks, Alaska
Azariah Enterprises - Programming and Website Design
jos...@azariah.com - Jabber: pedah...@gmail.com
PGP Key: http://pgp.mit.edu/  ID 0x73B13B6A
# Get the Info
# get the PKI db
/usr/lib64/dirsrv/slapd-PKI-IPA/db2ldif.pl -D "cn=Directory Manager" -w - -n 
# get the main IPA db
/var/lib/dirsrv/scripts-LAB-WHAMCLOUD-COM/db2ldif.pl -D 'cn=Directory Manager' 
-w - -n userRoot

KERBEROS="/etc/krb5* /etc/sysconfig/kadmin /etc/sysconfig/krb5kdc /var/kerberos"
DIRSRV="/etc/dirsrv /var/lib/dirsrv /etc/sysconfig/dirsrv /var/run/dirsrv 
CERTMONGER="/etc/certmonger /var/lib/certmonger"
IPA="/var/lib/ipa /etc/ipa /root/ca* /etc/httpd/conf/ipa.keytab"
BACKUP_TGZ=/var/tmp/ipa-backup-$(date +%Y%m%d-%H%M%S).tar.gz

# Transfer to new system and import
cd /

/usr/lib64/dirsrv/slapd-PKI-IPA/ldif2db.pl -D "cn=Directory Manager" -w - -n 
ipaca \
      -v -i 
/var/lib/dirsrv/scripts-LAB-WHAMCLOUD-COM/ldif2db.pl -D "cn=Directory Manager" 
-w - \
      -n userRoot -v \

rsync -aP /tmp/restore/var/kerberos/ /var/kerberos/
cp -a /tmp/restore/etc/krb5.keytab /etc
cp -a /tmp/restore/etc/dirsrv/ds.keytab /etc/dirsrv
cp -a /tmp/restore/etc/httpd/conf/ipa.keytab /etc/httpd/conf
cp -a /tmp/restore/root/ca*.p12 /root
Freeipa-users mailing list

Reply via email to