Re: [389-users] Migration Issues With Admin Server LDIF Import

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Brian Provenzano wrote:
> Exist in the destination you mean? 
If it was migrated at all, yes.
> or in the source on the original FDS 1.0.4 server?
Yes, if the migration did not get to that point yet.
>
> This is a fresh install of 389 for the migration and I have not run 
> setup (per migration docs), so I assume it does not exist yet?  Should it?
It depends on how far migration got before it failed.
>   Should I run setup first to create and then run migrate?  I did not 
> do this since the docs state not to.
Right.
>
> This is what I did to get to this point (not sure if this helps in 
> case I missed a step):
>
> Old CentOS 4.3 server with FDS 1.0.4 :
> ------------------------------------
> -Stop ldap server (admin and server processes) using the init scripts
>
> -Create the LDIF files to dump the databases to LDIF:  cd 
> /opt/fedora-ds/slapd-ldap   
>  ./db2ldif -n userRoot -a /opt/fedora-ds/slapd-ldap/db/userRoot.ldif
>  ./db2ldif -n NetscapeRoot -a 
> /opt/fedora-ds/slapd-ldap/db/NetscapeRoot.ldif
>
> -tar up the directory:  tar -cpvf fedora-ds.tar fedora-ds
>
> -move the tar file to the /tmp dir of the new destination server 
> CentOS 5.4 (389 server already installed via 'yum install 389-ds' per 
> the docs using EPEL.  This installed fine.).  Per the docs here ( 
> http://www.redhat.com/docs/manuals/dir-server/8.1/install/Installation_Guide-Migration_Procedure.html 
> ) I did not run the setup-ds-admin.pl <http://setup-ds-admin.pl> due 
> to the warning note in the migration docs.
>
> -extract the tar to /tmp on the new server (tar -xpvf fedora.tar)
>
> -remove the 10presense.ldif file (per our other conversation regarding 
> my other issue - conflict with source ldif).
>
> -run the migration script as follows:  ./migrate-ds-admin.pl 
> <http://migrate-ds-admin.pl> --oldsroot /tmp/fedora-ds --actualsroot 
> /opt/fedora-ds General.ConfigDirectoryAdminPwd='mypassword'
What is the FQDN of the old machine you are migrating from?  Is it 
exactly the same as the new FQDN?
>
>
>
>
> On Mon, Mar 15, 2010 at 11:26 AM, Rich Megginson <rmeggins@xxxxxxxxxx 
> <mailto:rmeggins@xxxxxxxxxx>> wrote:
>
>     Brian Provenzano wrote:
>     > Thanks for the tip.  I have the following in my
>     > /var/log/dirsrv/slapd-ldap/access log:
>     >
>     > [15/Mar/2010:10:42:44 -0600] conn=1 fd=64 slot=64 connection from
>     > 192.168.1.20 to 192.168.1.20
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=0 BIND dn="" method=128
>     version=3
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=0 RESULT err=0 tag=97
>     > nentries=0 etime=0 dn=""
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=1 SRCH base="o=NetscapeRoot"
>     > scope=2 filter="(uid=admin)" attrs="dn"
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=1 RESULT err=0 tag=101
>     > nentries=1 etime=0
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=2 BIND dn="uid=admin,
>     > ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" method
>     > =128 version=3
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=2 RESULT err=0 tag=97
>     > nentries=0 etime=0 dn="uid=admin,ou=administrators,ou=topologyma
>     > nagement,o=netscaperoot"
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=3 SRCH base="cn=389
>     > Administration Server, cn=Server Group, cn=ldap.mcs.local, ou=mcs.
>     > local, o=NetscapeRoot" scope=0 filter="(objectClass=*)" attrs="*
>     aci aci"
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=3 RESULT err=32 tag=101
>     > nentries=0 etime=0
>     Does the entry o=NetscapeRoot exist?
>     Does ou=mcs.local, o=NetscapeRoot exist?
>     Does cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot exist?
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=4 SRCH
>     > base="cn=admin-serv-ldap, cn=389 Administration Server, cn=Server
>     > Group, cn=lda
>     > p.mcs.local, ou=mcs.local, o=NetscapeRoot" scope=0
>     > filter="(objectClass=*)" attrs="* aci aci"
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=4 RESULT err=32 tag=101
>     > nentries=0 etime=0
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=5 SRCH
>     base="cn=configuration,
>     > cn=admin-serv-ldap, cn=389 Administration Server, cn=Se
>     > rver Group, cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot" scope=0
>     > filter="(objectClass=*)" attrs="* aci aci"
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=5 RESULT err=32 tag=101
>     > nentries=0 etime=0
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=6 SRCH base="cn=encryption,
>     > cn=configuration, cn=admin-serv-ldap, cn=389 Administratio
>     > n Server, cn=Server Group, cn=ldap.mcs.local, ou=mcs.local,
>     > o=NetscapeRoot" scope=0 filter="(objectClass=*)" attrs="* aci aci
>     > "
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=6 RESULT err=32 tag=101
>     > nentries=0 etime=0
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=7 SRCH base="cn=Tasks,
>     > cn=admin-serv-ldap, cn=389 Administration Server, cn=Server Gro
>     > up, cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot" scope=0
>     > filter="(objectClass=*)" attrs="* aci aci"
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=7 RESULT err=32 tag=101
>     > nentries=0 etime=0
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=8 ADD dn="cn=Tasks,
>     > cn=admin-serv-ldap, cn=389 Administration Server, cn=Server Group,
>     >  cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot"
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=8 RESULT err=32 tag=105
>     > nentries=0 etime=0
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=9 UNBIND
>     > [15/Mar/2010:10:42:44 -0600] conn=1 op=9 fd=64 closed - U1
>     >
>     >
>     > The "ADD" specified in the migration log is the same one here that
>     > appears to fail (I guess).  Sorry for my ignorance, but I have
>     no idea
>     > how to resolve this.
>     >
>     >
>     >
>     > On Mon, Mar 15, 2010 at 9:30 AM, Rich Megginson
>     <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>
>     > <mailto:rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>>> wrote:
>     >
>     >     Brian Provenzano wrote:
>     >     > I'm still on the road to trying to migrate from FDS 1.0.4
>     to 389 DS
>     >     > 1.2.5.  Thanks to Rich's help yesterday in a previous
>     thread (Cross
>     >     > Migration Problem From FDS 1.0.x to 386 Directory Server)
>     I was able
>     >     > to fix an import issue with an existing ldif schema
>     (presense.ldif).
>     >     >
>     >     > Anyway, I am now running to the following issue when the
>     migration
>     >     > script tries to read/migrate my data from LDIF ( I have a
>     >     > userRoot.ldif and NetscapeRoot.ldif).  I assume it is the
>     >     > NetscapeRoot.ldif that is the issue:
>     >     >
>     >     >
>     >     > # ./migrate-ds-admin.pl <http://migrate-ds-admin.pl>
>     <http://migrate-ds-admin.pl>
>     >     <http://migrate-ds-admin.pl> --oldsroot
>     >     > /tmp/fedora-ds --actualsroot /opt/fedora-ds
>     >     > General.ConfigDirectoryAdminPwd='mypassword'
>     >     > Beginning migration of Directory and Administration
>     servers from
>     >     > /tmp/fedora-ds . . .
>     >     > Beginning migration of directory server instances in
>     >     /tmp/fedora-ds . . .
>     >     > Your new DS instance 'slapd-ldap' was successfully created.
>     >     > Beginning migration of Administration server from
>     /tmp/fedora-ds
>     >     . . .
>     >     > Creating Admin Server files and directories . . .
>     >     > dn: cn=Tasks, cn=admin-serv-ldap, cn=389 Administration
>     Server,
>     >     > cn=Server Grou
>     >     >  p, cn=ldap.mcs.local, ou=mcs.local, o=NetscapeRoot
>     >     > objectclass: top
>     >     > objectclass: nsResourceRef
>     >     > cn: Tasks
>     >     > Error adding entry 'cn=Tasks, cn=admin-serv-ldap, cn=389
>     >     > Administration Server, cn=Server Group, cn=ldap.mcs.local,
>     >     > ou=mcs.local, o=NetscapeRoot'.  Error: No such object
>     >     > Exiting . . .
>     >     > Log file is '/tmp/migrate5naZZB.log'
>     >     >
>     >     >
>     >     > Here is the /tmp/migrate5naZZB.log' log file:
>     >     > ---------------------
>     >     > [10/03/12:10:58:57] - [Migration] Info Beginning migration of
>     >     > Directory and Administration servers from /tmp/fedora-ds . . .
>     >     > [10/03/12:10:58:57] - [Migration] Info Beginning migration of
>     >     > directory server instances in /tmp/fedora-ds . . .
>     >     > [10/03/12:10:59:00] - [Migration] Info Your new DS instance
>     >     > 'slapd-ldap' was successfully created.
>     >     > [10/03/12:10:59:13] - [Migration] Info Copying
>     >     > /tmp/fedora-ds/alias/slapd-ldap-cert8.db to
>     >     > /etc/dirsrv/slapd-ldap/cert8.db
>     >     > [10/03/12:10:59:13] - [Migration] Info Copying
>     >     > /tmp/fedora-ds/alias/slapd-ldap-key3.db to
>     >     /etc/dirsrv/slapd-ldap/key3.db
>     >     > [10/03/12:10:59:13] - [Migration] Info Copying
>     >     > /tmp/fedora-ds/alias/secmod.db to
>     /etc/dirsrv/slapd-ldap/secmod.db
>     >     > [10/03/12:10:59:13] - [Migration] Info No
>     >     > /tmp/fedora-ds/alias/slapd-ldap-pin.txt to migrate
>     >     > [10/03/12:10:59:13] - [Migration] Info Copying
>     >     > /tmp/fedora-ds/shared/config/certmap.conf to
>     >     > /etc/dirsrv/slapd-ldap/certmap.co <http://certmap.co>
>     <http://certmap.co>
>     >     <http://certmap.co>
>     >     > nf
>     >     > [10/03/12:10:59:14] - [Migration] Info Beginning migration of
>     >     > Administration server from /tmp/fedora-ds . . .
>     >     > [10/03/12:10:59:15] - [Migration] Info Creating Admin Server
>     >     files and
>     >     > directories . . .
>     >     > [10/03/12:10:59:15] - [Migration] Debug No file to migrate:
>     >     > /tmp/fedora-ds/alias/admin-serv-ldap-cert8.db
>     >     > [10/03/12:10:59:15] - [Migration] Debug No file to migrate:
>     >     > /tmp/fedora-ds/alias/admin-serv-ldap-key3.db
>     >     > [10/03/12:10:59:15] - [Migration] Info Copying
>     >     > /tmp/fedora-ds/alias/secmod.db to
>     /etc/dirsrv/admin-serv/secmod.db
>     >     > [10/03/12:10:59:15] - [Migration] Info No
>     >     > /tmp/fedora-ds/alias/admin-serv-ldap-pin.txt to migrate
>     >     > [10/03/12:10:59:15] - [Migration] Info Copying
>     >     > /tmp/fedora-ds/shared/config/certmap.conf to
>     >     > /etc/dirsrv/admin-serv/certmap.co <http://certmap.co>
>     <http://certmap.co>
>     >     <http://certmap.co>
>     >     > nf
>     >     > [10/03/12:10:59:15] - [Migration] Info Error adding entry
>     'cn=Tasks,
>     >     > cn=admin-serv-ldap, cn=389 Administration Server, cn=Ser
>     >     > ver Group, cn=ldap.mcs.local, ou=mcs.local,
>     o=NetscapeRoot'.  Error:
>     >     > No such object
>     >     Look in the access log of your configuration directory server -
>     >     look for
>     >     err=32 along with a DN that looks like the above.  For an ADD
>     >     operation,
>     >     you get err=32 (No such object) when the parent of the entry
>     you are
>     >     attempting to add cannot be found.
>     >     > [10/03/12:10:59:15] - [Migration] Fatal Exiting . . .
>     >     > Log file is '/tmp/migrate5naZZB.log'
>     >     >
>     >     >
>     >     > Thanks,
>     >     > Brian
>     >     >
>     >     >
>     >    
>     ------------------------------------------------------------------------
>     >     >
>     >     > --
>     >     > 389 users mailing list
>     >     > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
>     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>     >     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
>     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
>     >     > https://admin.fedoraproject.org/mailman/listinfo/389-users
>     >
>     >     --
>     >     389 users mailing list
>     >     389-users@xxxxxxxxxxxxxxxxxxxxxxx
>     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>     >     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx
>     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>>
>     >     https://admin.fedoraproject.org/mailman/listinfo/389-users
>     >
>     >
>     >
>     ------------------------------------------------------------------------
>     >
>     > --
>     > 389 users mailing list
>     > 389-users@xxxxxxxxxxxxxxxxxxxxxxx
>     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>     > https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>     --
>     389 users mailing list
>     389-users@xxxxxxxxxxxxxxxxxxxxxxx
>     <mailto:389-users@xxxxxxxxxxxxxxxxxxxxxxx>
>     https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
> ------------------------------------------------------------------------
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux