From Fedora Project Wiki

Description

This test case ensures the ipa-migrate command in stage mode (dry run) functions as expected, analyzing but not transferring data from a remote IPA server to a local IPA server.

Setup

  • Install Fedora 41 on both local and remote servers.
  • Set up a remote IPA server with the domain testrelm.test and ensure it is running.
  • Create users, groups, HBAC, and sudo rules on the remote IPA server.
  • Set up a local IPA server with the same domain testrelm.test and ensure it is running.

How to test

  1. Install the IPA server on the remote system and configure it with domain testrelm.test.
  2. Create sample entries on the remote IPA server:
 * Users
 * Groups
 * HBAC Rules
 * Sudo Rules
  1. Install and configure the IPA server on the local system with the same domain testrelm.test.
  2. Run the ipa-migrate command in stage mode as a dry run:
  3. [root@local ~]# ipa-migrate stage-mode remote.testrelm.test -x -w pwd
  4. Review the output and logs generated by the ipa-migrate command.

Expected Results

The following must be true to consider this a successful test run:

  1. The ipa-migrate command executes without errors.
  2. The output indicates successful analysis of the remote server with no data migrated.
  3. The ipa user-find command on the local server only lists the default admin user and no migrated users or groups.
  4. The ipa sudorule-find and ipa hbacrule-find commands return no migrated entries on the local server.
  5. Migration log (/var/log/ipa-migrate.log) confirms that the operation was a dry run with analyzed but not migrated entries.

Optional

Optionally test additional flags or combinations for dry-run operations to ensure flexibility and robustness in stage mode.