While I don't consider myself an expert, I should note that
ipa-replica-prepare has not been deprecated. The proposed solution to
follow
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrade-6-to-7.html
is indeed the correct one.
Not to be confused about ipa-replica-prepare: this command shall not be
used on domain level 1 machines since the replication is
solved in a smarter and more automatic way. The command would not work
on domain level 1 anyway.
HTH,
Standa
On 03/24/2017 11:58 AM, Christophe TREFOIS wrote:
I’m not expert but I think ipa-replica-prepare is depcrecated in 4.4
as the procedure become more simple.
I think setting up a new cluster of CentOS 7.3 machines and setting up
replicas against the old cluster is sufficient.
What do the experts say?
--
Dr Christophe Trefois, Dipl.-Ing.
Technical Specialist / Post-Doc
UNIVERSITÉ DU LUXEMBOURG
LUXEMBOURG CENTRE FOR SYSTEMS BIOMEDICINE
Campus Belval | House of Biomedicine
6, avenue du Swing
L-4367 Belvaux
T:+352 46 66 44 6124
F:+352 46 66 44 6949
http://www.uni.lu/lcsb
Facebook <https://www.facebook.com/trefex>Twitter
<https://twitter.com/Trefex>Google Plus
<https://plus.google.com/+ChristopheTrefois/>Linkedin
<https://www.linkedin.com/in/trefoischristophe>skype
<http://skype:Trefex?call>
----
This message is confidential and may contain privileged information.
It is intended for the named recipient only.
If you receive it in error please notify me and permanently delete the
original message and any copies.
----
On 24 Mar 2017, at 00:54, Zak Peirce <zak.pei...@zoom.us
<mailto:zak.pei...@zoom.us>> wrote:
I am looking to take this same journey. I found this guide, it seems
like
it covers all the bases
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/h
tml/Linux_Domain_Identity_Authentication_and_Policy_Guide/upgrade-6-to-7.h
tml
-Zak
-----Original Message-----
From: freeipa-users-boun...@redhat.com
[mailto:freeipa-users-boun...@redhat.com] On Behalf Of Dagan
Sent: Thursday, March 23, 2017 3:52 PM
To: freeipa-users@redhat.com
Subject: [Freeipa-users] Migration from FreeIPA 3.0 to 4.x
Hi,
I am hoping someone will be able to help answer some questions about
migrations.
I have been asked to look at upgrading an existing FreeIPA
installation on
CentOS 6 (3.0.0) to a new installation on CentOS 7 with a recent stable
release (4.4.0).
The existing CentOS 6 installation does not manage DNS or have a CA that
is being used (though the may be installed. It's primarily for user
authentication and user group management.
There are only a small number of users, groups, and hosts to migrate -
less than 100 of each.
But the data is used for LDAP integration in various applications so it
needs to be consistent.
Would it be recommended to do a straight LDIF type export and import of
the data, and configure the new FreeIPA installation for the new
access/sudo rules?
Would that risk leaving behind any data I would need to know about?
We are planning to review the sudo rules, host access lists etc as
part of
the migration work. So leaving behind some data may not be a blocker to
upgrade.
Any suggestions or links welcome.
Cheers,
Dagan McGregor
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
