Difference between revisions of "CentOS 8.x Freeipa migration from openldap to freeipa"
From Notes_Wiki
(Created page with "<yambe:breadcrumb self="Freeipa migration from openldap to freeipa">CentOS 8.x FreeIPA|FreeIPA</yambe:breadcrumb> =CentOS 8.x Freeipa migration from openldap to freeipa= To m...") |
m |
||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 8.x]] > [[CentOS 8.x authentication servers]] > [[CentOS 8.x FreeIPA]] > [[CentOS 8.x Freeipa migration from openldap to freeipa]] | |||
To migrate openLDAP to freeipa use: | To migrate openLDAP to freeipa use: | ||
Line 17: | Line 16: | ||
* https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/migrating_from_a_directory_server_to_ipa | * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/migrating_from_a_directory_server_to_ipa | ||
* https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/using-migrate-ds | * https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/using-migrate-ds | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 8.x]] > [[CentOS 8.x authentication servers]] > [[CentOS 8.x FreeIPA]] > [[CentOS 8.x Freeipa migration from openldap to freeipa]] |
Latest revision as of 17:24, 15 May 2022
Home > CentOS > CentOS 8.x > CentOS 8.x authentication servers > CentOS 8.x FreeIPA > CentOS 8.x Freeipa migration from openldap to freeipa
To migrate openLDAP to freeipa use:
- To create kerebros ticket run
- kinit admin
- Run migration from LDAP server using:
- ipa migrate-ds --bind-dn='cn=root,dc=sbarjatiya,dc=com' --with-compat ldap://openldap1.rnd.com:389
- and then enter bind DN's password. Bind DN should have administrative access so that it can read userPassword attributes and even migrate them.
- Note that normal posixUser get migrated but for groups ipa expects 'groupOfNames' with multiple member attribute per member with value of DN of group member instead of posixGroup
Refer:
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/migrating_from_a_directory_server_to_ipa
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/using-migrate-ds
Home > CentOS > CentOS 8.x > CentOS 8.x authentication servers > CentOS 8.x FreeIPA > CentOS 8.x Freeipa migration from openldap to freeipa