Migrate FusionDirectory from 1.0.8.9 to 1.0.9 ============================================= Backup you template First ------------------------- The template system has been completely rewritten, and the old template will not be converted, so you need to backup them, remove them from FusionDirectory and then redo them. The new system is much cleaner because template are stored in they own branch now and are the basis for having template for the whole application in the future. Backup your phones ------------------ You must backup all your phones in a LDIF and remove them. Modify your LDIF like below: Before .. code-block:: shell cn=namePhone,ou=phones,ou=systems,dc=fusiondirectory,dc=org cn: namePhone goFonType: friend goFonDmtfMode: inband goFonDefaultIP: dynamic ipHostNumber: 127.0.0.1 macAddress: 00:0C:7F:31:33:F1 objectClass: top After .. code-block:: shell cn=namePhone,ou=phones,ou=systems,dc=fusiondirectory,dc=org cn: namePhone ipHostNumber: 127.0.0.1 macAddress: 00:0C:7F:31:33:F1 objectClass: fdPhone objectClass: device objectClass: ieee802Device objectClass: ipHost After the migration you may insert your phone again in your LDAP. You can use the next command to backup your phones .. code-block:: shell ldapsearch -xLLL -b ou=phones,ou=systems,dc=fusiondirectory,dc=org > backupPhones.ldif Moved Attributes ---------------- We cleaned the core of FusionDirectory to only used classical attributes and objectClass, so the FusionDirectory special attributes on the first page of FusionDirectory are now managed by the personal plugin. The personal plugin has been made to manage all kind of personal data and is best suited to contain those data not normalized. So of you use **personalTitle**, **dateOfBirth**, **gender** you will need to install the personal plugin. Upgrade FusionDirectory ----------------------- Upgrade FusionDirectory core package before other ones to avoid dependencies errors ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ **Debian** .. code-block:: shell apt-get install fusiondirectory Upgrade FusionDirectory schema package too. .. code-block:: shell apt-get install fusiondirectory-schema **RPM** .. code-block:: shell apt-get install fusiondirectory Upgrade FusionDirectory schema package too. .. code-block:: shell yum remove fusiondirectory yum install fusiondirectory Upgrade FusionDirectory schema package too. .. code-block:: shell apt-get install fusiondirectory Upgrade FusionDirectory schema package too. .. code-block:: shell yum remove fusiondirectory-schema yum install fusiondirectory-schema There is a new schema for the templates, so you need to run .. code-block:: shell fusiondirectory-insert-schema Removed obsolete plugins ^^^^^^^^^^^^^^^^^^^^^^^^ In this version we removed obsolete plugin, because they where based on software no longer existing or needed an sql backend and we decided they need to be rewritten using the now ldap backend of those softwares : - **asterisk** : old plugin not maintainable anymore based on the sql backend, but now asterisk has an ldap backend has well. - **fax** : old code based on the gofax software from gonicus, not maintained anymore upstream. - **openstack-compute** : openstack management interface changed and this plugin is no longer relevant - **uw-imap** : long gone imap server, nobody that whe know still use it They are no longer supported and should be removed from your installation New Plugin for peoples using a mix of groupOfNames and posixGroup on the same object ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ We cleaned the code of FusionDirectory and by default it make posixGroup or clean standard compliant groupOfNames. If you need a mix of groupOfNames and posixGroup on the same object you will need to install a new plugin called mixedgroups. .. warning :: Please take note that this plugin is for special cases and need modified core schema. !! If you need to have a link between user and groups you are better using the standard compliant groupOfNames or roles for examples for web applications. .. code-block:: shell apt-get install fusiondirectory-plugin-mixedgroups Upgrade of LDAP directory ------------------------- Upgrade Core FusionDirectory Schema ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The password recovery schema has been migrated into the core schema so you must remove it first .. code-block:: shell fusiondirectory-insert-schema -e recovery-fd Are you sure you want to empty schema(s) recovery-fd? [Yes/No]? Yes Upgrade the core-fd.schema and core-fd-conf.schema .. code-block:: shell fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/core-fd.schema fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/core-fd-conf.schema If you use the argonaut plugin, upgrade the argonaut.schema .. code-block:: shell fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/argonaut-fd.schema If you use the fai plugin, upgrade the fai-fd-conf.schema .. code-block:: shell fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/fai-fd-conf.schema If you use the mail plugin, upgrade the mail-fd.schema .. code-block:: shell fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/mail-fd.schema If you use the personal plugin, upgrade the personal-fd.schema .. code-block:: shell fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/personal-fd.schema If you use the squid plugin, upgrade the proxy-fd.schema .. code-block:: shell fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/proxy-fd.schema`` If you use the system plugin, upgrade the service-fd.schema, systems-fd.schema, systems-fd-conf.schema The Phone object has been migrated to the system plugin due to the removal of the asterisk plugin. .. code-block:: shell fusiondirectory-insert-schema -e asterisk-fd-conf Are you sure you want to empty schema(s) asterisk-fd-conf? [Yes/No]? Yes .. code-block:: shell fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/service-fd.schema fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/systems-fd-conf.schema fusiondirectory-insert-schema -m /etc/ldap/schema/fusiondirectory/systems-fd.schema Check for deprecated attributes and objectClasses in your LDAP ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - **fusiondirectory-setup --list-deprecated** List deprecated attributes and objectclasses Deprecated attributes: .. code-block:: shell fusiondirectory-setup --list-deprecated List deprecated attributes and objectclasses Deprecated attributes: gotoModules                    (GOto - Gonicus Terminal Concept, value kernel modules.)        - 1.3.6.1.4.1.10098.1.1.1.32`` fdPasswordHook                 (FusionDirectory - Password hook (external command))            - 1.3.6.1.4.1.38414.8.13.4`` fdSnapshotURI                  (FusionDirectory - Snaphost URI)                                - 1.3.6.1.4.1.38414.8.17.3`` gotoXVsync                     (GOto - Gonicus Terminal Concept, value xVsync.)                - 1.3.6.1.4.1.10098.1.1.1.19`` ghSoundAdapter                 (Hardware definitions, value soundAdapter)                      - 1.3.6.1.4.1.10098.1.1.2.7`` gotoXMouseport                 (GOto - Gonicus Terminal Concept, value xMouseport.)            - 1.3.6.1.4.1.10098.1.1.1.22`` gotoXMonitor                   (GOto - Gonicus Terminal Concept, value xMonitor.)              - 1.3.6.1.4.1.10098.1.1.1.17`` gotoAdaptPath                  (GOto - Gonicus Terminal Concept, value adaptpath.)             - 1.3.6.1.4.1.10098.1.1.1.33`` gotoScannerClients             (GOto - Gonicus Terminal Concept, value scannerClients.)        - 1.3.6.1.4.1.10098.1.1.1.11`` gotoHardwareChecksum           (GOto - quick way to see if something has changed)              - 1.3.6.1.4.1.10098.1.1.2.12`` gotoRootPasswd                 (GOto - Gonicus Terminal Concept, value rootPasswd.)            - 1.3.6.1.4.1.10098.1.1.1.14`` gotoXKbLayout                  (GOto - Gonicus Terminal Concept, value xKblayout.)             - 1.3.6.1.4.1.10098.1.1.1.26`` gotoProfileServer              (GOto - specifies the profile server)                           - 1.3.6.1.4.1.10098.1.1.11.8`` fdAccountRDN                   (FusionDirectory - use a placeholder pattern for generating account RDNs)       - 1.3.6.1.4.1.38414.8.12.2`` gotoScannerEnable              (GOto - Gonicus Terminal Concept, value scannerEnable.)         - 1.3.6.1.4.1.10098.1.1.1.10`` ghGfxAdapter                   (Hardware definitions, value Grafikkarte)                       - 1.3.6.1.4.1.10098.1.1.2.9`` gotoFontPath                   (GOto - Gonicus Terminal Concept, value fontPath.)              - 1.3.6.1.4.1.10098.1.1.1.5`` ghIdeDev                       (Hardware definitions, value ideDev)                            - 1.3.6.1.4.1.10098.1.1.2.4`` gotoLpdEnable                  (GOto - Gonicus Terminal Concept, value lpdEnable.)             - 1.3.6.1.4.1.10098.1.1.1.9`` gotoXKbVariant                 (GOto - Gonicus Terminal Concept, value xKbvariant.)            - 1.3.6.1.4.1.10098.1.1.1.27`` fdRfc2307bis                   (FusionDirectory - rfc2307bis)                                  - 1.3.6.1.4.1.38414.8.10.1`` gotoAutoFs                     (GOto - Gonicus Terminal Concept, value autofs.)                - 1.3.6.1.4.1.10098.1.1.1.31`` gotoSndModule                  (GOto - Gonicus Terminal Concept, value sound Modules.)         - 1.3.6.1.4.1.10098.1.1.1.29`` gotoCdromEnable                (GOto - Gonicus Terminal Concept, value cdromEnable.)           - 1.3.6.1.4.1.10098.1.1.1.8`` gotoScannerModel               (GOto - Gonicus Terminal Concept, value scannerModel.)          - 1.3.6.1.4.1.10098.1.1.1.40`` gosaLoginRestriction           (GOsa - Multivalue attribute to carry a number of allowed ips/subnets)  - 1.3.6.1.4.1.10098.1.1.12.46`` gotoXColordepth                (GOto - Gonicus Terminal Concept, value xColordepth.)           - 1.3.6.1.4.1.10098.1.1.1.21`` academicTitle                  (Field to represent the academic title)                         - 1.3.6.1.4.1.10098.1.1.6.2`` fdSnapshotAdminDn              (FusionDirectory - Snaphost admin dn)                           - 1.3.6.1.4.1.38414.8.17.4`` gotoFilesystem                 (GOto - Gonicus Terminal Concept, value filesystem.)            - 1.3.6.1.4.1.10098.1.1.1.6`` ghInventoryNumber              (Unique number for inclusion in an inventory)                   - 1.3.6.1.4.1.10098.1.1.2.10`` gosaSubtreeACL                 (GOsa - ACL entry)                                              - 1.3.6.1.4.1.10098.1.1.12.1`` fdIdGenerator                  (FusionDirectory - An automatic way to generate new user ids)   - 1.3.6.1.4.1.38414.8.12.4`` ghUsbSupport                   (Hardware definitions, value usbSupport)                        - 1.3.6.1.4.1.10098.1.1.2.3`` gotoSysStatus                  (Keeps current system status - info shown in GOsa)              - 1.3.6.1.4.1.10098.1.1.2.11`` fdCopyPaste                    (FusionDirectory - (de)Activate copy/paste)                     - 1.3.6.1.4.1.38414.8.14.5`` gotoXDriver                    (GOto - Gonicus Terminal Concept, value xDriver.)               - 1.3.6.1.4.1.10098.1.1.1.28`` gotoXKbModel                   (GOto - Gonicus Terminal Concept, value xKbmodel.)              - 1.3.6.1.4.1.10098.1.1.1.25`` fdPersonalTitleInDN            (FusionDirectory - Personal title in dn)                        - 1.3.6.1.4.1.38414.8.12.5`` gotoLpdServer                  (GOto - Gonicus Terminal Concept, value lpdServer.)             - 1.3.6.1.4.1.10098.1.1.1.4`` gotoXHsync                     (GOto - Gonicus Terminal Concept, value xHsync.)                - 1.3.6.1.4.1.10098.1.1.1.18`` gotoProfileFlags               (GOto - Flags for Profile handling - C is for caching)          - 1.3.6.1.4.1.10098.1.1.11.7`` ghCpuType                      (Hardware definitions, value cpuType)                           - 1.3.6.1.4.1.10098.1.1.2.1`` gotoXResolution                (GOto - Gonicus Terminal Concept, value xResolution.)           - 1.3.6.1.4.1.10098.1.1.1.20`` gotoShare                      (GOto - specifies a share)                                      - 1.3.6.1.4.1.10098.1.1.11.9`` gotoScannerBackend             (GOto - Gonicus Terminal Concept, value scannerBackend.)        - 1.3.6.1.4.1.10098.1.1.1.39`` fdSnapshotAdminPassword        (FusionDirectory - Snaphost admin password)                     - 1.3.6.1.4.1.38414.8.17.5`` fdVoicemailContexts            (FusionDirectory - available voicemail contexts)                - 1.3.6.1.4.1.38414.19.11.2`` gosaDefaultLanguage            (GOsa - Defines the default language for a user)                - 1.3.6.1.4.1.10098.1.1.12.14`` ghMemSize                      (Hardware definitions, value memSize)                           - 1.3.6.1.4.1.10098.1.1.2.2`` gotoProfileQuota               (GOto - save quota for home)                                    - 1.3.6.1.4.1.10098.1.1.11.15`` fdSipContexts                  (FusionDirectory - available sip contexts)                      - 1.3.6.1.4.1.38414.19.11.1`` fdPhoneConferenceRDN           (FusionDirectory - Phone conference RDN)                        - 1.3.6.1.4.1.38414.19.10.3`` ghScsiDev                      (Hardware definitions, value scsiDev)                           - 1.3.6.1.4.1.10098.1.1.2.5`` fdPhoneMacroRDN                (FusionDirectory - Phone macro RDN)                             - 1.3.6.1.4.1.38414.19.10.2`` ghNetNic                       (Hardware definitions, value Network Device)                    - 1.3.6.1.4.1.10098.1.1.2.8`` gotoFloppyEnable               (GOto - Gonicus Terminal Concept, value floppyEnable.)          - 1.3.6.1.4.1.10098.1.1.1.7`` gotoXMouseButtons              (GOto - Gonicus Terminal Concept, value xMouseButtons.)         - 1.3.6.1.4.1.10098.1.1.1.23`` gotoXMouseType                 (Hardware definitions, value Type of mouse)                     - 1.3.6.1.4.1.10098.1.1.1.34`` Deprecated objectClasses: .. code-block:: shell goCupsServer                   (CUPS server description)                                       - 1.3.6.1.4.1.10098.1.2.1.23`` gosaCacheEntry                 (GOsa - Class for GOsa caching)                                 - 1.3.6.1.4.1.10098.1.2.1.19.3`` gosaUserTemplate               (GOsa - Class for GOsa User Templates)                          - 1.3.6.1.4.1.10098.1.2.1.19.11`` gosaAccount                    (GOsa - Class for GOsa Accounts)                                - 1.3.6.1.4.1.10098.1.2.1.19.6`` gosaObject                     (GOsa - Class for GOsa settings)                                - 1.3.6.1.4.1.10098.1.2.1.19.1`` - **fusiondirectory-setup --check-deprecated** will output a list of dn using old attributes and objectClasses .. code-block:: shell fusiondirectory-setup --check-deprecated List LDAP entries using deprecated attributes or objectclasses cn=fusiondirectory,ou=configs,dc=fusiondirectory,dc=org contains an obsolete attribute cn=fusiondirectory,ou=configs,dc=fusiondirectory,dc=org uses the obsolete object class fdAsteriskPluginConf uid=fd-admin,ou=people,dc=fusiondirectory,dc=org uses the obsolete object class gosaAccount - fusiondirectory-setup --ldif-deprecated will output an ldif file on the console that you can use with ldapmodify to clean you ldap server from old attributes. If they are old objectClasses it will warn you and you will have to remove it by hand, they have been specified at the **fusiondirectory-setup --check-deprecated** step. fusiondirectory-setup --ldif-deprecated .. code-block:: shell dn:cn=fusiondirectory,ou=configs,dc=fusiondirectory,dc=org changetype:modify delete:fdRfc2307bis - delete:fdCopyPaste - WARNING: There are entries in the LDAP using obsolete classes, you need to edit them manually .. warning:: Please read it carefully before applying !! Remove old schema from /etc/ldap/schema/fusiondirectory ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The old schema are not automatically removed from /etc/ldap/schema/fusiondirectory. You can safely remove **recovery-fd.schema** and **asterisk-fd.conf** Problems when we removing objectClasses ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ When you remove gosaAccount you can have some troubles. If you have samba plugin installed you must remove the next attributes on the users where the samba tab is not activate. - sambaBadPasswordTime - sambaBadPasswordCount - sambaNTPassword - sambaPwdLastSet If you use argonaut client tab on some objets ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ To add the new attribute argonautClientProtocol, you must only open the objets that have an argonaut client tab and save it again.