Ensure that you have completed the following:
All the services you need to migrate must be configured on the target server.
Ensure that all eDirectory processes (such as eDirectory repair) are completed before performing the Transfer ID scenario. The Transfer ID process locks the DIB (eDirectory database) on the source server and no operations can be performed.
Back up the eDirectory database. For more information, see Section 11.1, Back up eDirectory Database and NICI Keys.
IMPORTANT:Some of the steps for Transfer ID need to be performed manually. The GUI displays messages to ensure that you have completed the manual step. When the manual steps are completed, click OK to proceed to the next step. If you skip the manual steps, errors are encountered in the subsequent steps.
The Transfer ID GUI displays tasks you perform to complete the identity transfer.
eDirectory Precheck: Click Next.
The eDirectory Precheck step can be executed multiple times to verify the health of the eDirectory tree. Executing this step does not modify the source server and target server.
After successful completion of this step, the icon adjacent eDirectory Precheck changes to a green check mark.
(Conditional) If the source server is OES 1 Linux, OES 2 Linux, or OES 11, ensure that you have copied the SSH keys to avoid multiple password prompts on execution of this step.
Enable SSH on the source server and the target server.
Enter the # ssh-keygen -t rsa command on the target server.
When you are prompted to enter the file in which to save the key (/root/.ssh/id_rsa), press Enter.
The ssh keys are stored in the default location.
When you are prompted to enter the passphrase (empty for no passphrase), press Enter.
We recommend that you do not include the passphrase.
Copy the key value (the output of the # ssh-keygen -t rsa command) to the source server.
# scp ~/.ssh/id_rsa.pub root@<source-server>:/root/
where <source-server> is the IP address or the hostname of the source server.
Log on to the source server by using ssh. If the .ssh directory is not available, create the directory, then append the key value to the list of authenticated keys.
cat id_rsa.pub >> /root/.ssh/authorized_keys
Preparation: Click Next.
The Preparation step removes eDirectory from the target server. The LUM association with the groups and users is no longer available because the Unix Workstation object is also removed.
This step fails to execute if the prerequisites are not met.
DIB Copy: Click Next.
The DIB Copy creates an eDirectory DIB (Directory Information Base) copy of the source server on the target server.
On completion of this step, the source server's DIB is locked and further operations are not permitted on the source server. The eDirectory database and the NICI files are copied to the target server.
IMPORTANT:This command fails to execute if the replica ring is not in sync, or if the time is not synchronized among all the servers in the replica ring.
The eDirectory database on the source server is locked. The eDirectory database and the NICI files are copied to the target server.
Shutdown Source: Click Next to manually shut down the source server and disconnect it from the network.
You are prompted to confirm that the source server is shut down. Click OK and proceed with the next step, or click Cancel and shut down the source server.
DIB Restore: Click Next to restore the eDirectory database that was backed up from the source server in Step 3 on the target server. This includes the NICI keys and the eDirectory related information.
WARNING:If the backup in Step 3 was not successful, the DIB Restore step fails. A failure at this point might cause the target eDirectory server to be unusable.
IP Change: Click Next to change the IP address of the services and their configuration files on the target server to the source server IP address.
IMPORTANT:Failure of the script to change the IP address, or terminating the operation manually, might cause the system to hang. For more information, see Section 14.0, Troubleshooting Issues.
If you are executing the Migration GUI by using a remote session, the Transfer ID wizard hangs and fails to proceed. For more information, see Section 12.0, Running Transfer ID Remotely.
System: The target server IP address is overwritten with the source server IP address.
Services: The configuration files of the migrated services are assigned with the new IP address of the target server.
Others: The IP address change scripts located in the nonplugin folder are executed. Executes the IP address change scripts for the services that are not included in the plug-ins of the Migration Tool GUI. The IP address change scripts are located in the /opt/novell/migration/sbin/serveridswap/scripts/ipchange/nonplugin/ folder. If you need to change the IP address of any additional services, you must add the scripts to the nonplugin folder.
No email is sent in this step, even if you have selected the settings to receive an email.
Hostname Change: Click Next to change the hostname of the system, services, and their configuration files to the source server hostname.
IMPORTANT:Failure of the script to change the hostname or terminating the operation manually might cause the system to hang. For more information, see Section 14.0, Troubleshooting Issues.
System: The target server hostname is overwritten with the source server hostname.
Services: The configuration files of the migrated services are assigned with the new hostname of the target server.
Others: Executes the hostname change scripts for the services that are not included in the plug-ins of the Migration Tool GUI. The hostname change scripts are located in the /opt/novell/migration/sbin/serveridswap/scripts/hostchange/nonplugin/ folder. If you need to change the hostname of any additional services, you need to add the scripts in the nonplugin folder.
In this step, the Transfer ID wizard runs the hostname change scripts located in the nonplugin folder.
NOTE:No email is sent in this step, even if you have selected the settings to receive an email.
Reinitialize Server: Click Next to reinitialize the target server with the IP address and hostname of the source server. eDirectory is also restarted.
Repair: Click Next to repair eDirectory, certificates, and services on the target server. The ndsrepair command is used to perform eDirectory repair. Service-specific repairs only run for services that were migrated using the current project.
eDirectory: Checks to see if eDirectory is up and running on the target server. It also runs a repair on the eDirectory tree.
Certificates: Repairs the target server certificate and the trusted root certificate.
LUM: The following steps are performed during LUM repair:
Creates a Unix Workstation object.
Regenerates the certificate for LUM on the target server.
Associates LUM groups and users to the target servers’s Unix Workstation object.
Refreshes the LUM cache.
Services: Repairs the services that are migrated to the target server. If no services are configured for migration, the Migration Tool skips this step and the icon adjacent to Services changes to a green check mark.
Others: Executes the repair scripts for the services that are not included in the plug-ins of the Migration Tool GUI. The scripts are located in the /opt/novell/migration/sbin/serveridswap/scripts/repair/nonplugin/ folder. If you need to repair any additional services, you must add the scripts to the nonplugin folder.
In this step, Transfer ID wizard runs the scripts located in the nonplugin folder.
Restart Server: Manually restart your target server for completion of Transfer ID.
The target server now runs with the source server identity.
Continue with Section 13.0, Post Transfer ID Migration.