Show Table of Contents
5.2. Pre-migration Tasks
Red Hat Directory Server 9 servers need to be reconfigured to match the previous version. You need to reconfigure plug-ins, SSL, schema, server configuration, and so on.
Each new Red Hat Directory Server 9 instance needs to be manually reconfigured to match the previous version. This includes adding, enabling, and configuring plug-ins. If SSL was previously used, it needs to be set up on the new instance as well. Any custom schema needs to be in place on the new server. The server settings, like cache sizes, resource limits, indexing, and general configuration settings need to be re-applied.
5.2.1. Directory Server Configuration
The Directory Server configuration includes back-end suffixes, cache settings, indexing, and so on.
When migrating to Red Hat Directory Server 9:
- Make sure that you have recreated back-end suffixes. This is especially important for replication to work properly.
- Make sure that you have configured attribute indexes.
- You may need to reconfigure the database cache and each back-end entry cache to match the previous version.
5.2.2. Migration and SSL
If the new server will reuse the same host name as the previous server, then the security database files can simply be copied to the new server. For example:
/etc/dirsrv/slapd-instance_name/cert8.db /etc/dirsrv/slapd-instance_name/key3.db
If the new server will not reuse the same host name, then you will need to issue and install new certificates in the Directory Server instance and Admin Server (if applicable).
5.2.3. Schema Migration
Using the default settings, Red Hat Directory Server 9 and later is RFC 4512-compliant and does not support older schema versions. To enable older schema support or to migrate:
- Enable the
nsslapd-enquote-sup-ocparameter in thecn=configentry:# ldapmodify -D "cn=directory manager" -W -x dn: cn=config changetype: modify replace: nsslapd-enquote-sup-oc nsslapd-enquote-sup-oc: on
- Append the following parameter at the end of your
/etc/sysconfig/dirsrv-instancefile:LDAP_SCHEMA_ALLOW_QUOTED="on"
- Restart the Directory Server instance:
# service dirsrv restart instance_name
You can migrate the schema from an old server instance in the following ways:
- Copy the
/etc/dirsrv/slapd-instance_name/schema/99user.ldiffile and all custom schema files to the new instance. Restart the Directory Server instance to take the changes effect. - Perform a database migration. For details, see Section 5.3, “Database Migration Methods”.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.