[Freeipa-users] Re: planning for migration

2017-10-09 Thread Andrew Meyer via FreeIPA-users
I'm also getting the following output occasionally. [user@infra-test-ipa ~]$ sudo ipa -v migrate-ds --user-container='ou=Users,dc=oldldap,dc=local' --group-container='ou=Group,dc=oldldap,dc=local' --user-objectclass=posixAccount --group-objectclass=posixGroup

[Freeipa-users] Re: planning for migration

2017-10-09 Thread Gabriel Faber via FreeIPA-users
Correct (depending on if your LDAP requires binding or not, you might not need '--bind-dn' at all) Gabriel On 10/9/2017 14:05, Andrew Meyer wrote: Gabriel, When I run the ipa -v migrate-ds I need to put in my OpenLDAP manager password, correct? Not my FreeIPA admin credentials. Thank you,

[Freeipa-users] Re: planning for migration

2017-10-09 Thread Andrew Meyer via FreeIPA-users
Gabriel,When I run the ipa -v migrate-ds I need to put in my OpenLDAP manager password, correct? Not my FreeIPA admin credentials. Thank you, On Monday, October 9, 2017, 12:33:53 PM CDT, Andrew Meyer via FreeIPA-users wrote: Thank you!  I will

[Freeipa-users] Re: planning for migration

2017-10-09 Thread Andrew Meyer via FreeIPA-users
Thank you!  I will take this and change it suit my network and let you know.   On Monday, October 9, 2017, 12:16:05 PM CDT, Gabriel Faber via FreeIPA-users wrote: Here's what worked for me (all output removed): # ipa-compat-manage disable #

[Freeipa-users] Re: planning for migration

2017-10-09 Thread Gabriel Faber via FreeIPA-users
Here's what worked for me (all output removed): # ipa-compat-manage disable # systemctl restart dirsrv.target # ipa config-mod --enable-migration=TRUE # ipa -v migrate-ds --user-container='dc=melodis,dc=com' --group-container='ou=Group,dc=melodis,dc=com' --user-objectclass=posixAccount

[Freeipa-users] Re: planning for migration

2017-10-09 Thread Mark Haney via FreeIPA-users
On 10/09/2017 12:24 PM, Andrew Meyer wrote: I'm heading down that route as well.  But I would like to have both options available to the boss. I'm not sure if my syntax is incorrect.  That's where I need help. Can't help you there, brother.  Our LDAP setup was crap from the beginning, so we

[Freeipa-users] Re: planning for migration

2017-10-09 Thread Andrew Meyer via FreeIPA-users
I'm heading down that route as well.  But I would like to have both options available to the boss. I'm not sure if my syntax is incorrect.  That's where I need help. On Monday, October 9, 2017, 11:09:52 AM CDT, Mark Haney via FreeIPA-users wrote:

[Freeipa-users] Re: planning for migration

2017-10-09 Thread Mark Haney via FreeIPA-users
Honestly, we simply built a new IPA configuration rather than try to migrate.  It's been far easier to move clients over by ripping the OpenLDAP off and installing IPA-client than mucking with a conversion. On 10/09/2017 11:50 AM, Andrew Meyer via FreeIPA-users wrote: Hello, I am planning to