Hi Rob,
Thanks so much for your help!.
Our openLDAP uses memberuid attribute because we migrated the original
database from NIS server.
Your tip worked great. Just let me correct a typo error:
--group-objectclass="posixgroup"
Thanks again,
cbu
On 05/01/2014 11:58 AM, Rob Crittenden wrote:
> cbul...@gmail.com wrote:
>> Hi,
>>
>> I am trying to migrate my database from OpenLDAP to freeIPA
>> (ipa-server-3.0.0-37.el6.x86_64) but I get an error when freeIPA starts
>> to import the group (all the users were imported without problem).
>> This is the command that I am using for import:
>>
>> ipa migrate-ds --with-compat --user-container="ou=People,dc=sample,dc=com"
>> --group-container="ou=Group,dc=sample,dc=com"
>> --bind-dn="cn=Manager,dc=sample,dc=com" ldap://openldap.sample.com
>>
>> ipa: ERROR: group LDAP search did not return any result (search base:
>> ou=Group,dc=sample,dc=com, objectclass: groupofuniquenames, groupofnames)
>>
>>
>>
>> This is how looks a group in openldap database:
>>
>> dn: cn=ftp,ou=Group,dc=sample,dc=com
>> objectClass: posixGroup
>> objectClass: top
>> cn: ftp
>> userPassword: {crypt}x
>> gidNumber: 50
>>
>> I tried migrate it without compat support and I got the same error.
>> Any clue about this problem? Thanks in advance!...
> We look for RFC2307(bis) groups with an objectclass of either
> groupOfUniqueNames or groupOfNames. How does your group have any members
> without one of these?
>
> You should be able to pull these in with --groupobjectclass=posixgroup
>
> rob
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
