Work up FreeIPA Identity Management project architecture, it’s main services for the infrastructure (identities, passwords, authorization rules, certificates, sudo…) and structure of their data. Elaborate if and how the data can be migrated to different FreeIPA deployment with different basic configuration (realm, DNS domain certificate subject name, replication topology). Prepare a manual procedure to do the migration and test it. Implement a tool to do the migration automatically. Evaluate your solution, its advantages and shortcomings.
Upstream ticket: https://fedorahosted.org/freeipa/ticket/3656