Re: [Freeipa-users] openldap to ipa

2013-01-23 Thread Johnathan Phan
For record sake. This issue was resolved. I resolved the issue by following the following guidance provided in the following bug report. https://fedorahosted.org/freeipa/ticket/3364 On Tue, Jan 15, 2013 at 9:35 AM, Johnathan Phan j...@ox-consulting.comwrote: Hi Rcrit, As Outlined in the

Re: [Freeipa-users] openldap to ipa

2013-01-15 Thread Johnathan Phan
Hi Rcrit, As Outlined in the IRC channel. Please find the ldap.conf from the open ldap server below. URI ldap://ldap.example.com ldap://ldap1.example.com BASE dc=example,dc=com TLS_CACERT /etc/pki/tls/certs/ca-bundle.crt I then copy the file /etc/pki/tls/certs/ca-bundle.crt from the openldap

Re: [Freeipa-users] openldap to ipa

2013-01-14 Thread Rob Crittenden
Johnathan Phan wrote: Anyone know the details of the low level system steps for the migration script to work? so I can try and backwards engineer or troubleshoot each system as I go along so I can actually migrate the data from openldap to ipa? The migration is taking place in the context of

[Freeipa-users] openldap to ipa

2013-01-11 Thread Johnathan Phan
Hi There, This is driving me up the wall. I have two servers. 1 is a live openldap/kerberous AAA server running on RHEL6. The LDAP service has SSL/TS support. The second server is a test environment running on fedora and has 3.1 IPA installed. As a last step of my POC I need to migrate the

Re: [Freeipa-users] openldap to ipa

2013-01-11 Thread JR Aquino
Try editing /etc/openldap/ldap.conf: TLS_CACERT /etc/ipa/ca.crt TLS_REQCERT allow See if that helps Keeping your head in the cloud ~ Jr Aquino | Sr. Information Security Specialist GIAC Exploit Researcher and Advanced Penetration Tester | GIAC Certified

Re: [Freeipa-users] Openldap to IPA migration confusion

2012-07-24 Thread Qing Chang
On 23/07/2012 3:33 PM, Rob Crittenden wrote: Qing Chang wrote: On 20/07/2012 5:14 PM, Rob Crittenden wrote: Qing Chang wrote: Greetings, Migration from OpedLDAP to IPA creates a pair of subtrees for both users and groups: compat and accounts, use groups as an example: dn:

Re: [Freeipa-users] Openldap to IPA migration confusion

2012-07-23 Thread Qing Chang
On 20/07/2012 5:14 PM, Rob Crittenden wrote: Qing Chang wrote: Greetings, Migration from OpedLDAP to IPA creates a pair of subtrees for both users and groups: compat and accounts, use groups as an example: dn: cn=acdp,cn=groups,cn=compat,dc=sri,dc=utoronto,dc=ca dn:

Re: [Freeipa-users] Openldap to IPA migration confusion

2012-07-23 Thread Rob Crittenden
Qing Chang wrote: On 20/07/2012 5:14 PM, Rob Crittenden wrote: Qing Chang wrote: Greetings, Migration from OpedLDAP to IPA creates a pair of subtrees for both users and groups: compat and accounts, use groups as an example: dn: cn=acdp,cn=groups,cn=compat,dc=sri,dc=utoronto,dc=ca dn:

Re: [Freeipa-users] Openldap to IPA migration confusion

2012-07-20 Thread Dmitri Pal
On 07/20/2012 04:56 PM, Qing Chang wrote: Greetings, Migration from OpedLDAP to IPA creates a pair of subtrees for both users and groups: compat and accounts, use groups as an example: dn: cn=acdp,cn=groups,cn=compat,dc=sri,dc=utoronto,dc=ca dn: