Nathan wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 05/02/2013 01:56 PM, Rob Crittenden wrote:
$ ldapsearch -LLL -x -b
cn=oldmaster.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
dn
Then carefully paste each dn, minus the dn:, in REVERSE order, to:
$ ldapdelete -x -D 'cn=Directory Manager' -w cn=HTTP... cn=ldap...
^D to exit
My ipa domain is "systems.lafayette.edu", so I had to work that into
your search string, but I think I have it.
So, here's some output.
[root@caroline0 PROD ~]# ldapsearch -LLL -x -b
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
dn
dn:
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayett
e,dc=edu
So, from your ldapdelete example, would I.....
$ ldapdelete -x -D 'cn=Directory Manager' -w
cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
^D
Yup, use -W to prompt, or -w <password> to pass on cli.
Note that this confirms that IPA doesn't think this server is actually
providing any services.
rob
_______________________________________________
Freeipa-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/freeipa-users
