[389-users] Request for feedback about strategy to migrating from old FDS to latest 389DS
Rich Megginson
rmeggins at redhat.com
Thu Dec 2 22:36:29 UTC 2010
On 12/01/2010 06:57 AM, Hugo Etievant wrote:
> hello,
>
> I am working on a migration of LDAP server from an old
> *Fedora-Directory/1.1.3* (B2008.269.213, OS : Fedora 8) to lastest
> *389-Directory/1.2.6.1* (B2010.272.2313, OS : CentOS 5.5).
There is a migration script - migrate-ds-admin.pl (or just migrate-ds.pl
if you don't care about console, admin server, etc.)
>
> My actual architecture use Multi Master Replication protocol (2 nodes)
> for data and configuration, Windows synchronization (with 1 Active
> Directory) and some password policies.
> For my data, i have 1 database (userRoot) with one suffix
> (dc=myOrg,dc=myTLD).
>
> List of possible strategies :
> - choice 1 (server level) : applying patches until geting the last
> version (i think it is not a good idea and my obsolete OS cannot be
> upgraded for external reasons, i will start from scratch on latest
> CentOS) ?
> - choice 2 (database level) : backuping up previous databases userRoot
> and netscapeRoot and restoring them into new installed architecture
> (but i think perhaps config database schema has changed between 1.1.3
> and 1.2.6.1 server versions) ?
> - choice 3 (data level) : exporting data in LDIF file (without
> configuration and no assurance into operationals attributes export)
> and importing it in new installed architecture after configuring it ?
>
> my favorit LDAP tool (Apache Directory Studio) help me to export data
> with operationals attributes, this request :
> # baseObject : ou=myOrgUnit,dc=myOrg, dc=myTLD
> # filter : (objectClass=*)
> # attributes : * accountUnlockTime aci copiedFrom copyingFrom
> createTimestamp creatorsName dncomp entrydn entryid hasSubordinates
> ldapSchemas ldapSyntaxes modifiersName modifyTimestamp nsAccountLock
> nsAIMStatusGraphic nsAIMStatusText nsBackendSuffix nscpEntryDN
> nsds5ReplConflict nsICQStatusGraphic nsICQStatusText nsIdleTimeout
> nsLookThroughLimit nsRole nsRoleDN nsSchemaCSN nsSizeLimit nsTimeLimit
> nsUniqueId nsYIMStatusGraphic nsYIMStatusText numSubordinates parentid
> passwordAllowChangeTime passwordExpirationTime passwordExpWarned
> passwordGraceUserTime passwordHistory passwordRetryCount
> pwdExpirationWarned pwdGraceUserTime pwdHistory pwdpolicysubentry
> retryCountResetTime subschemaSubentry
>
> but i am not sure that no op attrs are missed...
>
>
> What can you advise me?
>
> regards
>
> --
> *Hugo Étiévant *
> INRP/SCI
> hugo.etievant at inrp.fr <mailto:hugo.etievant at inrp.fr>
>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20101202/b9596af3/attachment.html>
More information about the 389-users
mailing list