Very new to IPA and setting up a proof of concept system that i hope will replace my existing OpenLDAP 2.3 (no SASL) setup. I'm trying to import People, Group ou's into IPA using "ipa migrate-ds". The IPA and existing LDAP directories have different BaseDNs (eg ipadomain.local on IPA, ldapdomain.local on LDAP 2.3) as i want to ideally construct a completely new directory that we will then switch our clients over to.

ipa migrate-ds --schema=RFC2307 --user-container="dc=ldapdomain,dc=local" ldap://

whatever i try (w or w/o --schema=RFC2307) , the response is the same:

    ipa: ERROR: Insufficient access:  Invalid credentials

or with a verbose flag:

ipa: INFO: Forwarding 'migrate_ds' to server u'https://ipa.ipadomain.local/ipa/session/xml'
    ipa: ERROR: Insufficient access:  Invalid credentials

manager naturally exists in ldapdomain.local and i've definitely supplied the correct password (we use the same creds to manage LDAP using phpldapadmin)

Hoping that someone has some experience with this and can point me in the right direction?


Cal Sawyer | Systems Engineer | BlueBolt Ltd
15-16 Margaret Street | London W1W 8RW
+44 (0)20 7637 5575 | www.blue-bolt.com

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to