On 03/31/2015 04:50 PM, Janelle wrote:
> On 3/31/15 6:49 AM, Dmitri Pal wrote:
>> On 03/31/2015 09:38 AM, Janelle wrote:
>>> Hello again,
>>> Is this a feature or a bug?
>>> Migration mode - works fine the first time. However, if you need to run it a
>>> second time because someone added either new users or groups to your LDAP
>>> config and you want to bring those over, if you re-run migration, it indeed
>>> brings all the new users over, but NOT their secondary groups, only primary.
>>> And even if you have overwrite of the GID option set.
>>> Would this be expected for some reason that I may be missing, or is it a
>>> Thank you
>> Let be know if I get you right.
> That's it exactly.
> Ok - Bug.
I am personally not convinced this is a bug. As Rob mentioned, this is a
migration solution, not sync. So what likely happens is that you add new
memberships to already-migrated groups (i.e. member attribute in group object),
which are then not migrated as they are already present in the FreeIPA.
So if anything, I would call it an RFE, for allowing overwriting the
memberships for existing groups...
>> - Old LDAP server
>> - IPA
>> Users are migrated from LDAP to IPA using migrate-ds.
>> Everything works as expected
>> Now you add users to LDAP and put them into some groups (that were already
>> been migrated the first time, right?)
>> You run migrate-ds again and the new users are migrated but group membership
>> is lost.
>> Is this the scenario?
>> If yes, looks like a bug.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project