FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 12-01-2010, 12:57 PM
Hugo Etievant
 
Default Request for feedback about strategy to migrating from old FDS to latest 389DS

hello,



I am working on a migration of LDAP server from an old Fedora-Directory/1.1.3
(B2008.269.213, OS : Fedora 8) to lastest 389-Directory/1.2.6.1
(B2010.272.2313, OS : CentOS 5.5).



My actual architecture use Multi Master Replication protocol (2
nodes) for data and configuration, Windows synchronization (with 1
Active Directory) and some password policies.

For my data, i have 1 database (userRoot) with one suffix
(dc=myOrg,dc=myTLD).



List of possible strategies
:

- choice 1 (server level) : applying patches until geting the last
version (i think it is not a good idea and my obsolete OS cannot be
upgraded for external reasons, i will start from scratch on latest
CentOS) ?

- choice 2 (database level) : backuping up previous databases
userRoot and netscapeRoot and restoring them into new installed
architecture (but i think perhaps config database schema has changed
between 1.1.3 and 1.2.6.1 server versions) ?

- choice 3 (data level) : exporting data in LDIF file (without
configuration and no assurance into operationals attributes export)
and importing it in new installed architecture after configuring it
?



my favorit LDAP tool (Apache Directory Studio) help me to export
data with operationals attributes, this request :

# baseObject** : ou=myOrgUnit,dc=myOrg, dc=myTLD

# filter****** : (objectClass=*)

# attributes** : * accountUnlockTime aci copiedFrom copyingFrom
createTimestamp creatorsName dncomp entrydn entryid hasSubordinates
ldapSchemas ldapSyntaxes modifiersName modifyTimestamp nsAccountLock
nsAIMStatusGraphic nsAIMStatusText nsBackendSuffix nscpEntryDN
nsds5ReplConflict nsICQStatusGraphic nsICQStatusText nsIdleTimeout
nsLookThroughLimit nsRole nsRoleDN nsSchemaCSN nsSizeLimit
nsTimeLimit nsUniqueId nsYIMStatusGraphic nsYIMStatusText
numSubordinates parentid passwordAllowChangeTime
passwordExpirationTime passwordExpWarned passwordGraceUserTime
passwordHistory passwordRetryCount pwdExpirationWarned
pwdGraceUserTime pwdHistory pwdpolicysubentry retryCountResetTime
subschemaSubentry



but i am not sure that no op attrs are missed...





What can you advise me?



regards



--

Hugo Étiévant

INRP/SCI

hugo.etievant@inrp.fr






--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 12-02-2010, 09:36 PM
Rich Megginson
 
Default Request for feedback about strategy to migrating from old FDS to latest 389DS

On 12/01/2010 06:57 AM, Hugo Etievant wrote:


hello,



I am working on a migration of LDAP server from an old Fedora-Directory/1.1.3
(B2008.269.213, OS : Fedora 8) to lastest 389-Directory/1.2.6.1
(B2010.272.2313, OS : CentOS 5.5).


There is a migration script - migrate-ds-admin.pl (or just
migrate-ds.pl if you don't care about console, admin server, etc.)



My actual architecture use Multi Master Replication protocol (2
nodes) for data and configuration, Windows synchronization (with 1
Active Directory) and some password policies.

For my data, i have 1 database (userRoot) with one suffix
(dc=myOrg,dc=myTLD).



List of possible strategies

:

- choice 1 (server level) : applying patches until geting the last
version (i think it is not a good idea and my obsolete OS cannot
be upgraded for external reasons, i will start from scratch on
latest CentOS) ?

- choice 2 (database level) : backuping up previous databases
userRoot and netscapeRoot and restoring them into new installed
architecture (but i think perhaps config database schema has
changed between 1.1.3 and 1.2.6.1 server versions) ?

- choice 3 (data level) : exporting data in LDIF file (without
configuration and no assurance into operationals attributes
export) and importing it in new installed architecture after
configuring it ?



my favorit LDAP tool (Apache Directory Studio) help me to export
data with operationals attributes, this request :

# baseObject** : ou=myOrgUnit,dc=myOrg, dc=myTLD

# filter****** : (objectClass=*)

# attributes** : * accountUnlockTime aci copiedFrom copyingFrom
createTimestamp creatorsName dncomp entrydn entryid
hasSubordinates ldapSchemas ldapSyntaxes modifiersName
modifyTimestamp nsAccountLock nsAIMStatusGraphic nsAIMStatusText
nsBackendSuffix nscpEntryDN nsds5ReplConflict nsICQStatusGraphic
nsICQStatusText nsIdleTimeout nsLookThroughLimit nsRole nsRoleDN
nsSchemaCSN nsSizeLimit nsTimeLimit nsUniqueId nsYIMStatusGraphic
nsYIMStatusText numSubordinates parentid passwordAllowChangeTime
passwordExpirationTime passwordExpWarned passwordGraceUserTime
passwordHistory passwordRetryCount pwdExpirationWarned
pwdGraceUserTime pwdHistory pwdpolicysubentry retryCountResetTime
subschemaSubentry



but i am not sure that no op attrs are missed...





What can you advise me?



regards



--

Hugo Étiévant

INRP/SCI

hugo.etievant@inrp.fr






--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 12:09 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org