Description
This test case verifies that the ipa-migrate
command in production mode with schema migration skipped (-S
) performs the migration of users and other IPA data from a remote IPA server to a local IPA server without migrating schema definitions.
Setup
- Install Fedora 41 on both local and remote servers.
- Set up a remote IPA server with the domain
testrelm.test
and ensure it is running. - Create the following on the remote IPA server:
* A user (user1
) with valid configuration. * Groups. * HBAC Rule:hbacrule1
. * Sudo Rule:sudorule1
.
- Set up a local IPA server with the same domain
testrelm.test
and ensure it is running.
How to test
- Install the IPA server on the remote system and configure it with the domain
testrelm.test
. - Create sample entries on the remote IPA server:
* Useruser1
. * Groups. * HBAC Rule:hbacrule1
. * Sudo Rule:sudorule1
.
- Install and configure the IPA server on the local system with the same domain
testrelm.test
. - Run the
ipa-migrate
command in production mode with schema migration skipped (-S
): - [root@local ~]# ipa-migrate prod-mode remote.testrelm.test -S -w Secret123
- Confirm the migration operation by checking the logs and reviewing the migration summary.
Expected Results
The following must be true to consider this a successful test run:
- The
ipa-migrate
command executes without errors and displays the migration summary. - The output confirms that the schema migration is skipped:
Schema Migration (migrated 0 definitions)
Attributes: 0
Objectclasses: 0
- Verify that the database migration successfully processes user entries and related configurations:
Database Migration (migrated 1 entries) Users: 1
- The migration logs (
/var/log/ipa-migrate.log
) confirm that no attributes or objectClasses were migrated:
2024-11-25T10:18:48Z INFO Migrating schema ... 2024-11-25T10:18:48Z DEBUG Getting schema from the remote server ... 2024-11-25T10:18:48Z DEBUG Retrieved 1538 attributes and 343 objectClasses 2024-11-25T10:18:49Z DEBUG Migrated 0 attributes and 0 objectClasses 2024-11-25T10:18:49Z DEBUG Skipped 1538 attributes and 343 objectClasses
- Verify that users are successfully migrated:
[root@local ~]# ipa user-find User login: user1 First name: user1 Last name: s Home directory: /home/user1 Login shell: /bin/sh Principal name: user1@TESTRELM.TEST UID: [preserved UID] GID: [preserved GID] Account disabled: False
- Confirm post-migration action items are noted:
- Manual migration of IDM-related configuration files.
- Restart of SSSD after migration.
- Taking the local server out of migration mode once tasks are complete.
- Resetting the admin password if needed.
Optional
- Optionally validate the skipped schema migration by reviewing the schema logs for attributes and objectClasses.
- Test migration with additional users, groups, and rules to ensure robustness when skipping schema migration.