Would you use ldapmodify -f file-name-with-exported-data to import the data
back to a new copy of FreeIPA?

Thanks

Dimitar


On Wed, Jan 22, 2014 at 8:52 AM, Petr Spacek <pspa...@redhat.com> wrote:

> On 22.1.2014 14:40, Rob Crittenden wrote:
>
>> Martin Kosek wrote:
>>
>>> On 01/22/2014 01:48 PM, Choudhury, Suhail wrote:
>>>
>>>> Hi guys,
>>>>
>>>> I trying to get a dump of all users, hosts and DNS entries from IPA so
>>>> we can run scripts/Puppet against them.
>>>>
>>>> Tried searching for it but cannot find anything, so was hoping someone
>>>> can give some hints on how best to do this please.
>>>>
>>>>
>>> You can either export them via ldapsearch:
>>>
>>> $ kinit admin
>>> $ ldapsearch -h `hostname` -Y GSSAPI -b
>>> 'cn=users,cn=accounts,dc=example,dc=com'
>>>
>>>
>>> ... or for write a Python script to do what you want. Very simple
>>> example:
>>>
>>> $ kinit admin
>>> $ python
>>>
>>>> from ipalib import api
>>>>>> api.bootstrap()
>>>>>> api.finalize()
>>>>>> api.Backend.xmlclient.connect()
>>>>>> users = api.Command.user_find()
>>>>>> for user in users['result']:...     print "%s:%s:%s" %
>>>>>> (user['uid'][0],
>>>>>>
>>>>> user['uidnumber'][0], user['gidnumber'][0])
>>> ...
>>> admin:1913600000:1913600000
>>> tuser:1913600001:1913600001
>>>
>>
>> Be aware that there are some search limits too, both in size and time.
>> Some of
>> this is configurable from the client side, some on the server.
>>
>
> You can use standard zone transfer for DNS:
>
> See
> https://www.redhat.com/archives/freeipa-users/2013-September/msg00022.html
> https://www.redhat.com/archives/freeipa-users/2013-September/msg00047.html
>
> --
> Petr^2 Spacek
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to