To answer your other questions: > Does the entry o=NetscapeRoot exist? > Does ou=mcs.local, o=NetscapeRoot exist? > Does cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot exist? Yes. All of those exist in the original (source) server's database (o=NetscapeRoot, etc). I can see these easily using the admin console on the source server. I guess I'll have to familiarize myself with dbscan or ldapsearch to see if they exist on the new server. However, I thought the purpose of the migration was that it would create these objects (and in the required order?) if they did not exist on the destination - especially since the destination should be empty at the time of the migration/import. Anyway, I'll try to look around - might take awhile since I'm not totally familiar with these CLI tools. On Mon, Mar 15, 2010 at 12:59 PM, Brian Provenzano <bproven at gmail.com>wrote: > The FQDN look the fine to me. I tried to be very careful about this > pitfall. > > NEW server: > # hostname --fqdn > ldap.mcs.local > > OLD server: > #hostname --fqdn > ldap.mcs.local > > > On Mon, Mar 15, 2010 at 12:38 PM, Rich Megginson <rmeggins at redhat.com>wrote: > >> Brian Provenzano wrote: >> > Exist in the destination you mean? >> If it was migrated at all, yes. >> > or in the source on the original FDS 1.0.4 server? >> Yes, if the migration did not get to that point yet. >> > >> > This is a fresh install of 389 for the migration and I have not run >> > setup (per migration docs), so I assume it does not exist yet? Should >> it? >> It depends on how far migration got before it failed. >> > Should I run setup first to create and then run migrate? I did not >> > do this since the docs state not to. >> Right. >> > >> > This is what I did to get to this point (not sure if this helps in >> > case I missed a step): >> > >> > Old CentOS 4.3 server with FDS 1.0.4 : >> > ------------------------------------ >> > -Stop ldap server (admin and server processes) using the init scripts >> > >> > -Create the LDIF files to dump the databases to LDIF: cd >> > /opt/fedora-ds/slapd-ldap >> > ./db2ldif -n userRoot -a /opt/fedora-ds/slapd-ldap/db/userRoot.ldif >> > ./db2ldif -n NetscapeRoot -a >> > /opt/fedora-ds/slapd-ldap/db/NetscapeRoot.ldif >> > >> > -tar up the directory: tar -cpvf fedora-ds.tar fedora-ds >> > >> > -move the tar file to the /tmp dir of the new destination server >> > CentOS 5.4 (389 server already installed via 'yum install 389-ds' per >> > the docs using EPEL. This installed fine.). Per the docs here ( >> > >> http://www.redhat.com/docs/manuals/dir-server/8.1/install/Installation_Guide-Migration_Procedure.html >> > ) I did not run the setup-ds-admin.pl <http://setup-ds-admin.pl> due >> > to the warning note in the migration docs. >> > >> > -extract the tar to /tmp on the new server (tar -xpvf fedora.tar) >> > >> > -remove the 10presense.ldif file (per our other conversation regarding >> > my other issue - conflict with source ldif). >> > >> > -run the migration script as follows: ./migrate-ds-admin.pl >> > <http://migrate-ds-admin.pl> --oldsroot /tmp/fedora-ds --actualsroot >> > /opt/fedora-ds General.ConfigDirectoryAdminPwd='mypassword' >> What is the FQDN of the old machine you are migrating from? Is it >> exactly the same as the new FQDN? >> > >> > >> > >> > >> > On Mon, Mar 15, 2010 at 11:26 AM, Rich Megginson <rmeggins at redhat.com >> > <mailto:rmeggins at redhat.com>> wrote: >> > >> > Brian Provenzano wrote: >> > > Thanks for the tip. I have the following in my >> > > /var/log/dirsrv/slapd-ldap/access log: >> > > >> > > [15/Mar/2010:10:42:44 -0600] conn=1 fd=64 slot=64 connection from >> > > 192.168.1.20 to 192.168.1.20 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=0 BIND dn="" method=128 >> > version=3 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=0 RESULT err=0 tag=97 >> > > nentries=0 etime=0 dn="" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=1 SRCH >> base="o=NetscapeRoot" >> > > scope=2 filter="(uid=admin)" attrs="dn" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=1 RESULT err=0 tag=101 >> > > nentries=1 etime=0 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=2 BIND dn="uid=admin, >> > > ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" method >> > > =128 version=3 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=2 RESULT err=0 tag=97 >> > > nentries=0 etime=0 dn="uid=admin,ou=administrators,ou=topologyma >> > > nagement,o=netscaperoot" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=3 SRCH base="cn=389 >> > > Administration Server, cn=Server Group, cn=ldap.mcs.local, ou=mcs. >> > > local, o=NetscapeRoot" scope=0 filter="(objectClass=*)" attrs="* >> > aci aci" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=3 RESULT err=32 tag=101 >> > > nentries=0 etime=0 >> > Does the entry o=NetscapeRoot exist? >> > Does ou=mcs.local, o=NetscapeRoot exist? >> > Does cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot exist? >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=4 SRCH >> > > base="cn=admin-serv-ldap, cn=389 Administration Server, cn=Server >> > > Group, cn=lda >> > > p.mcs.local, ou=mcs.local, o=NetscapeRoot" scope=0 >> > > filter="(objectClass=*)" attrs="* aci aci" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=4 RESULT err=32 tag=101 >> > > nentries=0 etime=0 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=5 SRCH >> > base="cn=configuration, >> > > cn=admin-serv-ldap, cn=389 Administration Server, cn=Se >> > > rver Group, cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot" >> scope=0 >> > > filter="(objectClass=*)" attrs="* aci aci" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=5 RESULT err=32 tag=101 >> > > nentries=0 etime=0 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=6 SRCH base="cn=encryption, >> > > cn=configuration, cn=admin-serv-ldap, cn=389 Administratio >> > > n Server, cn=Server Group, cn=ldap.mcs.local, ou=mcs.local, >> > > o=NetscapeRoot" scope=0 filter="(objectClass=*)" attrs="* aci aci >> > > " >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=6 RESULT err=32 tag=101 >> > > nentries=0 etime=0 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=7 SRCH base="cn=Tasks, >> > > cn=admin-serv-ldap, cn=389 Administration Server, cn=Server Gro >> > > up, cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot" scope=0 >> > > filter="(objectClass=*)" attrs="* aci aci" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=7 RESULT err=32 tag=101 >> > > nentries=0 etime=0 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=8 ADD dn="cn=Tasks, >> > > cn=admin-serv-ldap, cn=389 Administration Server, cn=Server Group, >> > > cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot" >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=8 RESULT err=32 tag=105 >> > > nentries=0 etime=0 >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=9 UNBIND >> > > [15/Mar/2010:10:42:44 -0600] conn=1 op=9 fd=64 closed - U1 >> > > >> > > >> > > The "ADD" specified in the migration log is the same one here that >> > > appears to fail (I guess). Sorry for my ignorance, but I have >> > no idea >> > > how to resolve this. >> > > >> > > >> > > >> > > On Mon, Mar 15, 2010 at 9:30 AM, Rich Megginson >> > <rmeggins at redhat.com <mailto:rmeggins at redhat.com> >> > > <mailto:rmeggins at redhat.com <mailto:rmeggins at redhat.com>>> wrote: >> > > >> > > Brian Provenzano wrote: >> > > > I'm still on the road to trying to migrate from FDS 1.0.4 >> > to 389 DS >> > > > 1.2.5. Thanks to Rich's help yesterday in a previous >> > thread (Cross >> > > > Migration Problem From FDS 1.0.x to 386 Directory Server) >> > I was able >> > > > to fix an import issue with an existing ldif schema >> > (presense.ldif). >> > > > >> > > > Anyway, I am now running to the following issue when the >> > migration >> > > > script tries to read/migrate my data from LDIF ( I have a >> > > > userRoot.ldif and NetscapeRoot.ldif). I assume it is the >> > > > NetscapeRoot.ldif that is the issue: >> > > > >> > > > >> > > > # ./migrate-ds-admin.pl <http://migrate-ds-admin.pl> >> > <http://migrate-ds-admin.pl> >> > > <http://migrate-ds-admin.pl> --oldsroot >> > > > /tmp/fedora-ds --actualsroot /opt/fedora-ds >> > > > General.ConfigDirectoryAdminPwd='mypassword' >> > > > Beginning migration of Directory and Administration >> > servers from >> > > > /tmp/fedora-ds . . . >> > > > Beginning migration of directory server instances in >> > > /tmp/fedora-ds . . . >> > > > Your new DS instance 'slapd-ldap' was successfully created. >> > > > Beginning migration of Administration server from >> > /tmp/fedora-ds >> > > . . . >> > > > Creating Admin Server files and directories . . . >> > > > dn: cn=Tasks, cn=admin-serv-ldap, cn=389 Administration >> > Server, >> > > > cn=Server Grou >> > > > p, cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot >> > > > objectclass: top >> > > > objectclass: nsResourceRef >> > > > cn: Tasks >> > > > Error adding entry 'cn=Tasks, cn=admin-serv-ldap, cn=389 >> > > > Administration Server, cn=Server Group, cn=ldap.mcs.local, >> > > > ou=mcs.local, o=NetscapeRoot'. Error: No such object >> > > > Exiting . . . >> > > > Log file is '/tmp/migrate5naZZB.log' >> > > > >> > > > >> > > > Here is the /tmp/migrate5naZZB.log' log file: >> > > > --------------------- >> > > > [10/03/12:10:58:57] - [Migration] Info Beginning migration >> of >> > > > Directory and Administration servers from /tmp/fedora-ds . . >> . >> > > > [10/03/12:10:58:57] - [Migration] Info Beginning migration >> of >> > > > directory server instances in /tmp/fedora-ds . . . >> > > > [10/03/12:10:59:00] - [Migration] Info Your new DS instance >> > > > 'slapd-ldap' was successfully created. >> > > > [10/03/12:10:59:13] - [Migration] Info Copying >> > > > /tmp/fedora-ds/alias/slapd-ldap-cert8.db to >> > > > /etc/dirsrv/slapd-ldap/cert8.db >> > > > [10/03/12:10:59:13] - [Migration] Info Copying >> > > > /tmp/fedora-ds/alias/slapd-ldap-key3.db to >> > > /etc/dirsrv/slapd-ldap/key3.db >> > > > [10/03/12:10:59:13] - [Migration] Info Copying >> > > > /tmp/fedora-ds/alias/secmod.db to >> > /etc/dirsrv/slapd-ldap/secmod.db >> > > > [10/03/12:10:59:13] - [Migration] Info No >> > > > /tmp/fedora-ds/alias/slapd-ldap-pin.txt to migrate >> > > > [10/03/12:10:59:13] - [Migration] Info Copying >> > > > /tmp/fedora-ds/shared/config/certmap.conf to >> > > > /etc/dirsrv/slapd-ldap/certmap.co <http://certmap.co> >> > <http://certmap.co> >> > > <http://certmap.co> >> > > > nf >> > > > [10/03/12:10:59:14] - [Migration] Info Beginning migration >> of >> > > > Administration server from /tmp/fedora-ds . . . >> > > > [10/03/12:10:59:15] - [Migration] Info Creating Admin Server >> > > files and >> > > > directories . . . >> > > > [10/03/12:10:59:15] - [Migration] Debug No file to migrate: >> > > > /tmp/fedora-ds/alias/admin-serv-ldap-cert8.db >> > > > [10/03/12:10:59:15] - [Migration] Debug No file to migrate: >> > > > /tmp/fedora-ds/alias/admin-serv-ldap-key3.db >> > > > [10/03/12:10:59:15] - [Migration] Info Copying >> > > > /tmp/fedora-ds/alias/secmod.db to >> > /etc/dirsrv/admin-serv/secmod.db >> > > > [10/03/12:10:59:15] - [Migration] Info No >> > > > /tmp/fedora-ds/alias/admin-serv-ldap-pin.txt to migrate >> > > > [10/03/12:10:59:15] - [Migration] Info Copying >> > > > /tmp/fedora-ds/shared/config/certmap.conf to >> > > > /etc/dirsrv/admin-serv/certmap.co <http://certmap.co> >> > <http://certmap.co> >> > > <http://certmap.co> >> > > > nf >> > > > [10/03/12:10:59:15] - [Migration] Info Error adding entry >> > 'cn=Tasks, >> > > > cn=admin-serv-ldap, cn=389 Administration Server, cn=Ser >> > > > ver Group, cn=ldap.mcs.local, ou=mcs.local, >> > o=NetscapeRoot'. Error: >> > > > No such object >> > > Look in the access log of your configuration directory server >> - >> > > look for >> > > err=32 along with a DN that looks like the above. For an ADD >> > > operation, >> > > you get err=32 (No such object) when the parent of the entry >> > you are >> > > attempting to add cannot be found. >> > > > [10/03/12:10:59:15] - [Migration] Fatal Exiting . . . >> > > > Log file is '/tmp/migrate5naZZB.log' >> > > > >> > > > >> > > > Thanks, >> > > > Brian >> > > > >> > > > >> > > >> > >> ------------------------------------------------------------------------ >> > > > >> > > > -- >> > > > 389 users mailing list >> > > > 389-users at lists.fedoraproject.org >> > <mailto:389-users at lists.fedoraproject.org> >> > > <mailto:389-users at lists.fedoraproject.org >> > <mailto:389-users at lists.fedoraproject.org>> >> > > > https://admin.fedoraproject.org/mailman/listinfo/389-users >> > > >> > > -- >> > > 389 users mailing list >> > > 389-users at lists.fedoraproject.org >> > <mailto:389-users at lists.fedoraproject.org> >> > > <mailto:389-users at lists.fedoraproject.org >> > <mailto:389-users at lists.fedoraproject.org>> >> > > https://admin.fedoraproject.org/mailman/listinfo/389-users >> > > >> > > >> > > >> > >> ------------------------------------------------------------------------ >> > > >> > > -- >> > > 389 users mailing list >> > > 389-users at lists.fedoraproject.org >> > <mailto:389-users at lists.fedoraproject.org> >> > > https://admin.fedoraproject.org/mailman/listinfo/389-users >> > >> > -- >> > 389 users mailing list >> > 389-users at lists.fedoraproject.org >> > <mailto:389-users at lists.fedoraproject.org> >> > https://admin.fedoraproject.org/mailman/listinfo/389-users >> > >> > >> > ------------------------------------------------------------------------ >> > >> > -- >> > 389 users mailing list >> > 389-users at lists.fedoraproject.org >> > https://admin.fedoraproject.org/mailman/listinfo/389-users >> >> -- >> 389 users mailing list >> 389-users at lists.fedoraproject.org >> https://admin.fedoraproject.org/mailman/listinfo/389-users >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20100315/ec644f59/attachment.html
