On 01/22/2014 06:26 PM, Dimitar Georgievski wrote:
Would you use ldapmodify -f file-name-with-exported-data to import the
data back to a new copy of FreeIPA?


No, that generally won't work. There's more to IPA than the data in LDAP.
Instead of copying data you should install the new server as a replica of the old one.


Thanks

Dimitar


On Wed, Jan 22, 2014 at 8:52 AM, Petr Spacek <pspa...@redhat.com
<mailto:pspa...@redhat.com>> wrote:

    On 22.1.2014 14:40, Rob Crittenden wrote:

        Martin Kosek wrote:

            On 01/22/2014 01:48 PM, Choudhury, Suhail wrote:

                Hi guys,

                I trying to get a dump of all users, hosts and DNS
                entries from IPA so
                we can run scripts/Puppet against them.

                Tried searching for it but cannot find anything, so was
                hoping someone
                can give some hints on how best to do this please.


            You can either export them via ldapsearch:

            $ kinit admin
            $ ldapsearch -h `hostname` -Y GSSAPI -b
            'cn=users,cn=accounts,dc=__example,dc=com'


            ... or for write a Python script to do what you want. Very
            simple example:

            $ kinit admin
            $ python

                        from ipalib import api
                        api.bootstrap()
                        api.finalize()
                        api.Backend.xmlclient.connect(__)
                        users = api.Command.user_find()
                        for user in users['result']:...     print
                        "%s:%s:%s" % (user['uid'][0],

            user['uidnumber'][0], user['gidnumber'][0])
            ...
            admin:1913600000:1913600000
            tuser:1913600001:1913600001


        Be aware that there are some search limits too, both in size and
        time. Some of
        this is configurable from the client side, some on the server.


    You can use standard zone transfer for DNS:

    See
    
https://www.redhat.com/__archives/freeipa-users/2013-__September/msg00022.html
    <https://www.redhat.com/archives/freeipa-users/2013-September/msg00022.html>
    
https://www.redhat.com/__archives/freeipa-users/2013-__September/msg00047.html
    <https://www.redhat.com/archives/freeipa-users/2013-September/msg00047.html>



--
PetrĀ³

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to