Hi Rob, Thanks so much for your help!. Our openLDAP uses memberuid attribute because we migrated the original database from NIS server. Your tip worked great. Just let me correct a typo error:
--group-objectclass="posixgroup" Thanks again, cbu On 05/01/2014 11:58 AM, Rob Crittenden wrote: > [email protected] wrote: >> Hi, >> >> I am trying to migrate my database from OpenLDAP to freeIPA >> (ipa-server-3.0.0-37.el6.x86_64) but I get an error when freeIPA starts >> to import the group (all the users were imported without problem). >> This is the command that I am using for import: >> >> ipa migrate-ds --with-compat --user-container="ou=People,dc=sample,dc=com" >> --group-container="ou=Group,dc=sample,dc=com" >> --bind-dn="cn=Manager,dc=sample,dc=com" ldap://openldap.sample.com >> >> ipa: ERROR: group LDAP search did not return any result (search base: >> ou=Group,dc=sample,dc=com, objectclass: groupofuniquenames, groupofnames) >> >> >> >> This is how looks a group in openldap database: >> >> dn: cn=ftp,ou=Group,dc=sample,dc=com >> objectClass: posixGroup >> objectClass: top >> cn: ftp >> userPassword: {crypt}x >> gidNumber: 50 >> >> I tried migrate it without compat support and I got the same error. >> Any clue about this problem? Thanks in advance!... > We look for RFC2307(bis) groups with an objectclass of either > groupOfUniqueNames or groupOfNames. How does your group have any members > without one of these? > > You should be able to pull these in with --groupobjectclass=posixgroup > > rob _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
