On 01/22/2014 06:26 PM, Dimitar Georgievski wrote:
Would you use ldapmodify -f file-name-with-exported-data to import the
data back to a new copy of FreeIPA?
No, that generally won't work. There's more to IPA than the data in LDAP.
Instead of copying data you should install the new server as a replica
of the old one.
Thanks
Dimitar
On Wed, Jan 22, 2014 at 8:52 AM, Petr Spacek <[email protected]
<mailto:[email protected]>> wrote:
On 22.1.2014 14:40, Rob Crittenden wrote:
Martin Kosek wrote:
On 01/22/2014 01:48 PM, Choudhury, Suhail wrote:
Hi guys,
I trying to get a dump of all users, hosts and DNS
entries from IPA so
we can run scripts/Puppet against them.
Tried searching for it but cannot find anything, so was
hoping someone
can give some hints on how best to do this please.
You can either export them via ldapsearch:
$ kinit admin
$ ldapsearch -h `hostname` -Y GSSAPI -b
'cn=users,cn=accounts,dc=__example,dc=com'
... or for write a Python script to do what you want. Very
simple example:
$ kinit admin
$ python
from ipalib import api
api.bootstrap()
api.finalize()
api.Backend.xmlclient.connect(__)
users = api.Command.user_find()
for user in users['result']:... print
"%s:%s:%s" % (user['uid'][0],
user['uidnumber'][0], user['gidnumber'][0])
...
admin:1913600000:1913600000
tuser:1913600001:1913600001
Be aware that there are some search limits too, both in size and
time. Some of
this is configurable from the client side, some on the server.
You can use standard zone transfer for DNS:
See
https://www.redhat.com/__archives/freeipa-users/2013-__September/msg00022.html
<https://www.redhat.com/archives/freeipa-users/2013-September/msg00022.html>
https://www.redhat.com/__archives/freeipa-users/2013-__September/msg00047.html
<https://www.redhat.com/archives/freeipa-users/2013-September/msg00047.html>
--
PetrĀ³
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
