Oct 18, 2011 4:33 AM (in response to D. Hoffmann)
Historically you have not been able to mix versions between an Open Directory Master and Replica; that is, both would either have to be Snow Leopard, or both would have to be Lion.
I have not tried upgrading to Lion this way (I am currently leaving my servers on Snow Leopard) but I can suggest the following based on experiences with Snow Leopard Servers.
- As you already appear to have done, in Snow Leopard Server make an Archive of your Open Directory setup
- Make sure you also have a backup of the entire Snow Leopard Server so you can go back to it if you can't successfully move to Lion
- Set up the hostname, IP address and DNS records (which might mean setting up a DNS server) for the new Lion Server
- Check this using the command line
sudo changeip -checkhostname
- Make the new Lion Server into a new empty Open Directory Master
- Test this new Open Directory Master by creating a test user and then deleting it afterwards
- Now move on to restoring the Open Directory Archive. When I did this last time, I found that I was given two choices: either to completely replace the Open Directory with the one from the Archive, or to merge the two together. I found that trying to replace failed and resulted in an empty Open Directory like you report; I found that choosing merge did work successfully.
If the above still does not work, then you might have to consider the following alternative approach.
- On the Snow Leopard Server in Workgroup Manager export all the user accounts except the Admin and DirAdmin accounts
- Optionally export all the Groups
- Optionally export all the Computer Groups
- Set up the new Lion Server
- Create a new empty Open Directory
- Import the files exported from Workgroup Manager
This will not keep the original passwords. You will have to set a password for each account.
Oct 18, 2011 12:31 PM (in response to D. Hoffmann)
In keeping with the advice John has offered, you can't make an OD Replica of an OD Master which is not the same OS Version. It even has to be exactly the same version. For example 10.6.4 cannot be used to make an OD Replica of a 10.6.8 OD Master.
This has been the case since 10.4. I could be wrong but I don't think there was LDAP redundancy in versions of the server prior to 10.4?
You should also be aware that Apple have hampered the ability to create an effective OD Master using Server Admin. You should really use the 'new' Server App to achieve successful promotion. Once promoted you can use Server Admin to make what minor changes are possible using the GUI.
If you decide to take John's alternative approach and depending on how many users you have, you can apply a Password Policy forcing all users to change their passwords. This would be a far quicker process than manually changing each one. I can - in my experience - confirm users, groups etc exported from a 10.6 Server and imported into 10.7 do not cause any problems.
Oct 28, 2011 6:28 AM (in response to D. Hoffmann)
I'm also trying to migrate OD from a SL server to Lion server using an archive from OD.
I think there is a problem if your new Lion server has a different hostname than your SL server.
This is what I get in /Library/Logs/slapconfig.log when I try to import the archive into Lion server's OD:
<timestamp> Current hostname does not match that of the archive (<new_server> vs. <old_server>). Please run changeip to make sure the hostnames match prior to restoring the archive.
Sep 12, 2013 8:15 PM (in response to Martin Baechtold)
With regard to the error you mentioned:
<timestamp> Current hostname does not match that of the archive (<new_server> vs. <old_server>).
I would suggest that you use the changeip command to ensure that the hostname and IP address of the server match the hostname file located within the open directory archive backup.
As an example, if your server just needs to be refreshed with changeip and has an IP of 192.168.1.2 and FQHN of myserver.example.com, then the following command should allow you to import the backup.
sudo changeip 192.168.1.2 myserver.example.com myserver.example.com
Keep in mind that the hostname file would have to contain myserver.example.com in order for the restore to work on a Mac OS 10.8 system.
I hope this helps