Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE Manual page 172

cd old_server_root/slapd-old_instance-db
db2ldif
5. The location and name of the LDIF file is shown once the conversion from the database to LDIF is complete.
ldif file:
old_server_root/slapd-old_instance-db/ldif/dated_#_file.ldif
6. Open the given location, and rename the LDIF file to old.ldif.
cd old_server_root/slapd-old_instance-db/ldif
mv dated_#_file.ldif old.ldif
7. Adjust the LDIF content of old.ldif.
NOTE
When using a text editor to perform the substitution instead of a script, use an editor that supports file sizes great-
er than 2 to 4 Gb such as vim because the LDIF files may be larger than 2 Gb in some deployments.
a. Delete the first two entries in old.ldif, for the old machine domain name and the LDAP port and domain.
Entry 1: dc=cert,dc=redhat,dc=com
Entry 2: cn=ldap://:38900,dc=cert,dc=redhat,dc=com
b. Replace the following entry with the value for internaldb.basedn parameter in the CS.cfg file. For ex-
ample:
cn=aclResources,dc=server.example.com-rhpki-ca
c. Add new groups for the the security domains.
cn=Security Domain Administrators,ou=groups,basedn
cn=Enterprise CA Administrators,ou=groups, basedn
cn=Enterprise KRA Administrators,ou=groups, basedn
cn=Enterprise OCSP Administrators,ou=groups, basedn
cn=Enterprise TKS Administrators,ou=groups, basedn
cn=Enterprise TPS Administrators,ou=groups, basedn
8. Convert the old.ldif file into a text file.
a. Open the version to text directory in the migration directory.
cd old_server_root/bin/cert/migrate/45ToTxt
b. Edit the run.sh file; uncomment and set the values for the following lines:
•
SERVER_ROOT=old_server_root
• >export SERVER_ROOT
•
INSTANCE=old_instance
• export INSTANCE
c. Run run.sh, which converts the LDIF file to a text file.
4. Migrating Internal Databases for
4.5
Databases