On 05/31/2011 06:02 PM, Dan Scott wrote: > Hi, > > Thanks for all the replies. > > On Wed, May 25, 2011 at 18:13, Rob Crittenden <[email protected]> wrote: >>> I have a FreeIPA 1.2.1 system (1 master and 1 replica server) running >>> on Fedora 14. I'd like to migrate to FreeIPA 2, now that Fedora 15 has >>> been released. But I have a few questions: >>> >>> 1. Can Fedora 15 clients authenticate against my FreeIPA 1 servers? >> Yes but you would have to configure it yourself. sssd would work nicely with >> an ldap/krb5 configuration. > I've set up a Fedora 15 VM and have successfully configured it to > authenticate against my FreeIPA 1 servers, so this is good. One small > problem was that I couldn't get passwordless ssh logins *to* the F15 > system working. I created and installed a host keytab, same as for all > the other systems, but no luck. I was able to ssh *from* the F15 > system without a password however. Any ideas? > >>> 3. Can I migrate the servers from FreeIPA 1 to 2 (presumably requiring >>> an upgrade from Fedora 14 to 15 along the way). >> You cannot do a straight upgrade, too much changed between the two versions. >> You should be able to migrate the users and groups using the v2 migration >> system. This will maintain your user passwords at least. You would need to >> generate new principals and keytabs for your kerberized services. > I've setup a Fedora 15 VM and installed the FreeIPA server. I ran the > ipa migrate-ds command provided in the documentation. All of the user > groups were migrated successfully, but none of the users were migrated > due to 'unknown object class "radiusprofile"' errors. > > I've seen this post here: > > https://www.redhat.com/archives/freeipa-users/2011-May/msg00282.html > > but I wanted to add that I don't use any of the radius functionality > and my FreeIPA v1 installation is pretty standard, so other users > might run into this. I didn't find a bug report, but can file one if > needed? >
Yes please: https://fedorahosted.org/freeipa/ > Thanks, > > Dan > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users > > -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
