Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 9. Migrating Directory Server 10 to Directory Server 12

Learn about migration from Red Hat Directory Server 10 to 12, including tasks that you must perform before you start the migration.

Important

Red Hat supports migration only from Red Hat Directory Server 10 or 11 to version 12. To migrate Directory Server from earlier version, you must perform incremental migrations to Directory Server 10 or 11.

Red Hat does not support an in-place upgrade of Directory Server 10 or 11 servers to version 12 by using the leapp upgrade tool.

For migration, you can use one of the following ways:

  • If you have a replication topology, use the replication method.
  • If you have a disconnected topology without planned replication between Directory Server 10 and Directory Server 12, or if your database is more that 1 GB, use the export and import method.

9.1. Prerequisites
Link kopieren

  • The existing Directory Server installation runs on version 10 and has all available updates installed.
  • You installed a Directory Server 12 host and created an instance on the host.

In a replication topology, use the replication method to migrate to Directory Server 12.

Procedure

  1. On the Directory Server 12 host, enable replication, but do not create a replication agreement. For details about enabling replication, see the Configuring and managing replication in the Red Hat Directory Server 12 documentation.

  2. On the Directory Server 10 host, enable replication and create a replication agreement that points to the Directory Server 12 host. For details about enabling replication, see chapter 15 "Managing Replication" in the Red Hat Directory Server 10 Administration Guide.

    Important

    If you used a custom configuration on the Directory Server 10 host, do not replace the dse.ldif configuration file on the Directory Server 12 host with the file from previous versions, because the dse.ldif layout changes between versions. Instead, use the dsconf utility or the web console to add the custom configuration for each parameter and plug-in that you require.

  3. Optional: Set up further Directory Server 12 hosts with replication agreements between the Directory Server 12 hosts.
  4. Configure your clients to use only the Directory Server 12 hosts.

  5. On the Directory Server 10 host, remove the replication agreements that point to the Directory Server 12 host: 

    # ldapmodify -D "cn=Directory Manager" -W -x -p 389 -h server_ds_10.example.com
dn: cn=agreement-to-DS-12-server,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping
tree,cn=config
changetype: delete
    Copy to Clipboard Toggle word wrap
  6. Uninstall the Directory Server 10 hosts. See the chapter 4.8 "Uninstalling Directory Server" in the Red Hat Directory Server 10 Installation Guide.

Use the export and import method to migrate large Directory Server environments or instances without replication.

Procedure

  1. Perform the following steps on the existing Directory Server 10 host:

    1. Stop and disable the dirsrv service: 

      # dsctl DS10_instance_name stop
# systemctl disable dirsrv@DS10_instance_name
      Copy to Clipboard Toggle word wrap

    2. Export the backend. For example, to export the userRoot database and store it in the /tmp/userRoot.ldif file: 

      # db2ldif -Z DS10_instance_name -n userRoot -a /tmp/userRoot.ldif
      Copy to Clipboard Toggle word wrap

    3. Copy the following files to the new Directory Server 12 host:

      • The LDIF file userRoot.ldif that you exported in the previous step.
      • The /etc/dirsrv/slapd-DS10_instance_name/schema/99user.ldif file if you use a custom schema.

      • The /etc/dirsrv/slapd-DS10_instance_name/dse.ldif configuration file.

        Important

        Do not replace the dse.ldif configuration file on the Directory Server 12 host with the file from the Directory Server 10 host because the dse.ldif layout changes between versions. Store the dse.ldif file for the reference.

      • If you want to migrate an instance with TLS enabled and reuse the same host name for the Directory Server 12 installation, copy:

        • /etc/dirsrv/slapd-DS10_instance_name/cert8.db
        • /etc/dirsrv/slapd-DS10_instance_name/key3.db
        • /etc/dirsrv/slapd-DS10_instance_name/pin.txt
    4. If you want to use the same host name and IP on the Directory Server 12 host, disconnect the old server from the network.

  2. Perform the following steps on the new Directory Server 12 host:

    1. Optional: Configure TLS encryption:

      • If the new installation uses a different host name than the Directory Server 10 instance, see the Enabling TLS-encrypted connections to Directory Server section in the Securing Red Hat Directory Server documentation.

      • If you want to use the same host name as the previous Directory Server 10 installation:

        1. Stop the instance: 

          # dsctl DS12_instance_name stop
          Copy to Clipboard Toggle word wrap

        2. Remove the Network Security Services (NSS) databases and the password file for Directory Server, if they already exist: 

          # rm /etc/dirsrv/slapd-DS12_instance_name/cert*.db /etc/dirsrv/slapd-DS12_instance_name/key*.db /etc/dirsrv/slapd-DS12_instance_name/pin.txt
          Copy to Clipboard Toggle word wrap
        3. Move the cert8.db, key3.db, and pin.txt files that you copied from the Directory Server 10 host to the /etc/dirsrv/slapd-DS12_instance_name/ directory.

        4. Set the correct permissions for the NSS databases and the password file: 

          # chown dirsrv:root /etc/dirsrv/slapd-DS12_instance_name/cert8.db /etc/dirsrv/slapd-DS12_instance_name/key3.db /etc/dirsrv/slapd-DS12_instance_name/pin.txt

# chmod 600 /etc/dirsrv/slapd-DS12_instance_name/cert8.db /etc/dirsrv/slapd-DS12_instance_name/key3.db /etc/dirsrv/slapd-DS12_instance_name/pin.txt
          Copy to Clipboard Toggle word wrap

        5. Start the instance: 

          # dsctl DS12_instance_name start
          Copy to Clipboard Toggle word wrap

    2. If you used a custom schema, place the 99user.ldif file in the /etc/dirsrv/slapd-DS12_instance_name/schema/ directory, set appropriate permissions, and restart the instance: 

      # cp /etc/dirsrv/slapd-DS10_instance_name/schema/99user.ldif /etc/dirsrv/slapd-DS12_instance_name/schema/

# chmod 644 /etc/dirsrv/slapd-DS12_instance_name/schema/99user.ldif

# chown root:root /etc/dirsrv/slapd-DS12_instance_name/schema/99user.ldif

# dsctl DS12_instance_name restart
      Copy to Clipboard Toggle word wrap

    3. Place the /tmp/userRoot.ldif file you prepared on the Directory Server 10 host in the /var/lib/dirsrv/slapd-DS12_instance_name/ldif/ directory and set the correct permissions: 

      # cp /tmp/userRoot.ldif /etc/dirsrv/slapd-DS12_instance_name/ldif/

# chown dirsrv:dirsrv /var/lib/dirsrv/slapd-DS12_instance_name/ldif/userRoot.ldif
      Copy to Clipboard Toggle word wrap

    4. Import the userRoot.ldif file to restore the userRoot backend with all entries: 

      # dsconf -D 'cn=Directory Manager' ldap://server.example.com backend import userRoot /var/lib/dirsrv/slapd-instance_name/ldif/userRoot.ldif
      Copy to Clipboard Toggle word wrap

      Note that Directory Server 12 can import LDIF files only from the /var/lib/dirsrv/slapd-DS12_instance_name/ directory.

      Important

      If you used a custom configuration on the Directory Server 10 host, do not replace the dse.ldif configuration file on the Directory Server 12 host with the file from previous versions. Instead, use the dsconf utility or the web console to add the custom configuration manually for each parameter and plug-in that you require.

Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat