Hello,
I am trying to migrate from my an IPA server that has FIPS disabled to an IPA server that
has FIPS enabled. Both the old and the new IPA will have DNS, CA, and etc.
I ran: ipa migrate-ds --bind-dn="cn=Directory Manager"
--user-container=cn=users,cn=accounts --group-container=cn=groups,cn=accounts
--group-objectclass=posixgroup --user-ignore-objectclass=mepOriginEntry --with-compat
ldap://oldipa.server.com However, when I login to a client machine connected to the new
IPA server, my file ownership becomes htony : nobody.
What steps have I missed within the migration process?
I've tried exporting cn=groups tree from the old IPA server into a LDIF and imported
to the new IPA server, but it did not solve the problem.
For everything else, DNS, sudoers, automount, and etc, can I simply export from the old
server and import into the new server?
I also have 100+ client machines, is there an easy way where I can unjoin the machines
from old-ipa-server and then join to the new-ipa-server? (My infrastructure is
Ansible-enabled)
Thanks in advance!
Best,
Tony