Bug 488891
Summary: | Document how to migrate user identities from an existing directory or identity store into IPA | |||
---|---|---|---|---|
Product: | [Retired] freeIPA | Reporter: | David O'Brien <daobrien> | |
Component: | Documentation | Assignee: | David O'Brien <daobrien> | |
Status: | CLOSED DUPLICATE | QA Contact: | Chandrasekar Kannan <ckannan> | |
Severity: | medium | Docs Contact: | ||
Priority: | medium | |||
Version: | 2.0 | CC: | benl, dpal, jgalipea, pzuna | |
Target Milestone: | v2 release | Keywords: | Documentation | |
Target Release: | --- | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 646210 (view as bug list) | Environment: | ||
Last Closed: | 2011-01-13 08:47:40 UTC | Type: | --- | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 431020, 431022, 489811, 646210, 646217 |
Description
David O'Brien
2009-03-06 04:35:02 UTC
Version set to 1.1 by mistake. Resetting to 2.0 Added to Migration Guide. This guide is still in draft form, untested, and not public yet. We have a command plugin for the purpose of migrating identities from an existing 389/RH DS to IPA. All migration tools can be examined using the built-in interface: ipa help migration Only one command is currently available. It can be used to migrate identities from DS or from IPAv1: ipa migrate-ds LDAP_URI [--bind-dn=BIND_DN] [--user-container=USER_CONT] [--group-container=GROUP_CONT] [--exclude-users=EXC_USERS] [--exclude-groups=EXC_GROUPS] BIND_DN - DN of the entry the command is going to bind as, defaults to "cn=Directory Manager" USER_CONT - parent entry under which user identities are stored, defaults to "ou=People" GROUP_CONT - parent entry under which group information is stored, defaults to "ou=Groups" EXC_USERS - comma-separated list of user names to be excluded from migration EXC_GROUPS - comma-separated list of groups to be excluded from migration After executing the command, you will be prompted to enter the BIND password. Note that migration mode has to be enabled first, you can do so using: ipa config-mod --enable-migration=TRUE To migrate users and groups from an existing default configuration DS reachable at ldap://example.com, it should be enough to execute: ipa migrate-ds ldap://example.com To migrate users and groups from an existing default configuration IPAv1 with DS reachable at ldap://example.com, you will need to execute: ipa migrate-ds --user-container=cn=users,cn=accounts --group-container=cn=groups,cn=accounts ldap://example.com Hope that helps. *** Bug 488900 has been marked as a duplicate of this bug. *** *** This bug has been marked as a duplicate of bug 646210 *** |