Nathan wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 05/02/2013 01:56 PM, Rob Crittenden wrote:
$ ldapsearch -LLL -x -b
cn=oldmaster.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
dn

Then carefully paste each dn, minus the dn:, in REVERSE order, to:

$ ldapdelete -x -D 'cn=Directory Manager' -w cn=HTTP... cn=ldap...

^D to exit

My ipa domain is "systems.lafayette.edu", so I had to work that into
your search string, but I think I have it.

So, here's some output.

[root@caroline0 PROD ~]# ldapsearch -LLL -x -b
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
dn
dn:
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayett
  e,dc=edu

So, from your ldapdelete example, would I.....

$ ldapdelete -x -D 'cn=Directory Manager' -w
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
^D

Yup, use -W to prompt, or -w <password> to pass on cli.

Note that this confirms that IPA doesn't think this server is actually providing any services.

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to