On 11/06/2012 10:22 PM, Steven Jones wrote:
It seems I am faced with rebuilding my original IPA master....trouble is I dont
know the impact and problems with doing that.
What it your topology right now?
Do you have at least one fully-functional replica?
Is CA installed on this replica? Or is it replica without Dogtag CA (i.e.
installed with self-signed certificate)?
If you have one "complete" replica including CA then you can simply destroy
old server and install fresh replica as usual.
Rob can add more details and advices.
For instance, can I simply,
1) run a db2ldif to export the ldap contents,
2) un-install the IPA server,
3) reboot and re-install it,
4) run ldif2db
5) then re-sync the two replicas?
or will the two replicas need rebuilding? and rejoining fresh?
Will all the hosts need re-joining?
Looking at this I dont know just how easy it is or not to do.
Freeipa-users mailing list