[Freeipa-users] Re: Create a replica

Fri, 02 Mar 2018 01:16:29 -0800 

On 01/03/2018 18:11, Bret Wortman via FreeIPA-users wrote:
I've got a one system setup now and would like to create a replica and ensure survivability as much as possible. Will this do the trick? Obviously the first is run on the current master and the second on the new replica... 

# ipa-replica-prepare newserver.my.net --ip-address=192.168.1.50


# ipa-replica-install --setup-dns --setup-ca --no-forwarders 
/path/to/replica-info-newserver.my.net.gpg



Hi,


the procedure depends on your domain level. In order to find which 
domain-level you are using:

# ipa domainlevel-get
-----------------------
Current domain level: 1
-----------------------


If domain-level is 0, then you need to create a replica file and install 
the replica by providing this replica file (the instructions you wrote 
above). The procedure is documented here [1].



If domain-level is 1, then the procedure is different. You can first 
enroll the host as an IPA client with ipa-client-install, and then 
promote it to a replica with ipa-replica-install (no replica file 
provided), or do the 2 steps in ipa-replica-install (if you provide all 
the required options). More information here [2]


HTH,
Flo


[1] 
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/app.replica
[2] 
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/creating-the-replica


--
photo   
        
*Bret Wortman*
President, Damascus Products LLC

855-644-2783 <tel:855-644-2783> | 303-523-8037 <tel:303-523-8037> | 
b...@damascusproducts.com <mailto:b...@damascusproducts.com> | 
http://damascusproducts.com/ | 10332 Main St Suite 319 Fairfax, VA 22030
<http://facebook.com/wrapbuddiesco> 
<http://twitter.com/wrapbuddiesco> 	<http://instagram.com/wrapbuddies>


<https://facebook.com/wrapbuddiesco><https://instagram.com/wrapbuddies>


_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org






















					Reply via email to