On 05/10/2012 02:24 AM, Steven Jones wrote:
Hi,
In case everyone else is asleep now......
Do you have access to RH documentation? the 6.3beta admin guide section 18.8
talks about why and how to make a replicate a master.
Just for completeness:
Documentation is publicly available: http://docs.redhat.com/
Documentation for IPA beta:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Identity_Management_Guide/index.html
Documentation for latest stable IPA:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/index.html
eg.,
"NOTE
All servers and replicas which host a CA are peers in the topology. They can
all issue certificates
and keys to IPA clients, and they all replicate information amongst themselves.
The only reason to promote a replica or server to be a master server is if the
master server is
being taken offline. There has to be a root CA which can issue CRLs and
ultimately validate
certificate checks.
Aside from that, replicas, servers, and the master server are all equal peers."
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
------------------------------------------------------------------------------
*From:* [email protected] [[email protected]] on
behalf of David Copperfield [[email protected]]
*Sent:* Thursday, 10 May 2012 11:04 a.m.
*To:* Rob Crittenden; [email protected]
*Subject:* [Freeipa-users] How to rebuild IPA master?
Hi all,
I've a IPA master/replica setup in our development environment. Unfortunately
our IPA master crashed, the replica is working fine. Now I have the IPA master
re-imaged.
What are the steps I have to follow to re-create the IPA master from running
IPA replica? Before crash the IPA master ran dogtag certificate system, while
the IPA replica didn't -- created normally without the --setup-ca option.
Thanks.
--David
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
