David Harvey via FreeIPA-users wrote:
> Dear FreeIPA users,
>
> TL:DR *any* way of moving from 4.7.2->4.7.1?
>
> I've managed to get into a situation..
> On realising the support for Debian/Ubuntu was a bit ropey, I
> successfully made Fedora replicas and promoted them a year or so ago.
> These run OK, but wanting to be off the treadmill of Fedora upgrades,
> the promise of CentOS8 beckoned.  With seeing the release notes for
> 4.7.2 pointing to Redhat 8 relates patches I was quite confident that
> 4.7.2 would be included, allowing another hop over to a longer term
> supported OS.  So the short version is, that I'm on 4.7.2 very much
> wanting to get to CentOS8 where 4.7.1 is currently.
>
> I understand the replica installer will let you create against the same
> or older than itself, but are there any actual LDAP schema differences
> between these versions? Might it be possible to tweak what 4.7.2 reports
> in order to force it to allow a 4.7.1 replica?  Is there a backup and
> restore process that might allow the moving back by 0.0.1 versions!?
> Given that FreeIPA call out Redhat and Fedora support but not CentOS,
> would I actually be better off on the Fedora frequent update path?

Is there any way? Sure, you can disable the version checking code in
ipaserver/install/server/replicainstall.py::check_remote_version()

Would I do it? I dunno. 0.0.1 difference is about 95 patches. Some of
those were almost certainly backported to RHEL 8. Chances are it's fine
but without going through each patch there is no guarantee.

Lots of users run in production in CentOS.

rob