On Tue, 2022-01-25 at 16:45 +0200, Alexander Bokovoy wrote: > > On another server, use the ipa server-del command to delete > server.example.com from the topology:
Indeed, I missed this part. :-( I suppose this cannot be done now that the machine has been redployed as a client correct? # ipa host-show server.example.com Host name: server.example.com Platform: x86_64 Operating system: 4.18.0-305.25.1.el8_4.x86_64 Principal name: host/[email protected] Principal alias: host/[email protected] SSH public key fingerprint: [redacted] Password: False Member of host-groups: ipaservers Member of HBAC rule: all_allow_mail_services Keytab: True Managed by: server.example.com # ipa server-show server.example.com ipa: ERROR: server.example.com: server not found # ipa server-find -------------------- 1 IPA server matched -------------------- Server name: server-staging.example.com Min domain level: 1 Max domain level: 1 ---------------------------- Number of entries returned 1 ---------------------------- Could I attempt to add as a replica again, have it fail and then would I be able to do the "ipa server-del"? > Does using a raw LDAP delete help? > > ldapdelete -D cn=directory\ manager -W > krbprincipalname=ldap/[email protected],cn=services,cn=a > ccounts,dc=example,dc=com I have not tried yet, pending the answer to the above questions. I don't want to much around too much under the hood before I have to. > If not, you might need to temporarily fix the LDAP entry schema > consistency before deleting the object. It means you'd need to add > krbPrincipalName attribute back. I have no idea how to do that. I have not mucked around with LDAP directly. Cheers, b.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
