Hi, In case everyone else is asleep now......
Do you have access to RH documentation? the 6.3beta admin guide section 18.8 talks about why and how to make a replicate a master. eg., "NOTE All servers and replicas which host a CA are peers in the topology. They can all issue certificates and keys to IPA clients, and they all replicate information amongst themselves. The only reason to promote a replica or server to be a master server is if the master server is being taken offline. There has to be a root CA which can issue CRLs and ultimately validate certificate checks. Aside from that, replicas, servers, and the master server are all equal peers." regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 ________________________________ From: [email protected] [[email protected]] on behalf of David Copperfield [[email protected]] Sent: Thursday, 10 May 2012 11:04 a.m. To: Rob Crittenden; [email protected] Subject: [Freeipa-users] How to rebuild IPA master? Hi all, I've a IPA master/replica setup in our development environment. Unfortunately our IPA master crashed, the replica is working fine. Now I have the IPA master re-imaged. What are the steps I have to follow to re-create the IPA master from running IPA replica? Before crash the IPA master ran dogtag certificate system, while the IPA replica didn't -- created normally without the --setup-ca option. Thanks. --David
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
