On 3/10/15 9:31 AM, Alexander Bokovoy wrote: > Are you following these instructions? > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/migrating-ipa-proc.html
Aha! No. There are so many false positives in google I had no idea that document existed. Pretty much everything I've found that links to "how to migrate" takes me to this: http://www.freeipa.org/page/Howto/Migration#Migrating_to_different_platform_or_OS ...which in turn pointed to this: http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/Setting_up_IPA_Replicas.html I didn't see anything about RHEL6->RHEL7 or FreeIPA 3.0->3.3 http://www.freeipa.org/page/Documentation unless I missed it. The 3.3 section on there is pretty much just a collection of things about new features. (And a presentation deck that points to that first link above...) Anyways, thank you for the link. That makes it much clearer. I do have one problem now. I currently have the following systems: connect: RHEL6, FreeIPA master auth.internal: CentOS6, FreeIPA replica auth: CentOS7, migration target Following the instructions you linked, I ran the copy-schema-to-ca.py script on connect, and it completed successfully. I then tried to run it on auth.internal (the CentOS6 replica) and it fails with this error: > python copy-schema-to-ca.py > Traceback (most recent call last): > File "copy-schema-to-ca.py", line 85, in <module> > main() > File "copy-schema-to-ca.py", line 79, in main > add_ca_schema() > File "copy-schema-to-ca.py", line 42, in add_ca_schema > pki_pent = pwd.getpwnam(PKI_USER) > KeyError: 'getpwnam(): name not found: pkiuser' ...am I supposed to run this script the replica as well? Or is something broken on my replica? Thanks, Ben -- Benjamin Reed The OpenNMS Group http://www.opennms.org/
signature.asc
Description: OpenPGP digital signature
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project