Include -clone_uri argument to pkisilent setting the clone URI.

This makes creating a clone from a clone work as expected.

Note that this depends on some fixes in the pki-ca, pki-common and pki-silent packages. I tested this against pre-release versions.

This means you can do something like this:

Install IPA on server A
Prepare a replica file on server A for server B
Install the IPA replica on server B
Preparea  replica file for server C on server B
Install the IPA replica on server C

The replication topology looks like: A <-> B <-> C

This isn't really recommended but it at least frees us from having a single point of failure regarding the CA. The CAs are now independent, though they replicate over a difference channel than IPA user data.

rob

Attachment: freeipa-446-clone.patch
Description: application/mbox

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to