Hi, I read the backup procedure on http://www.freeipa.org/page/Backup_and_Restore. If I lose my first master, it is stated than: - Clean deployment from the lost server by removing all replication agreements with it. - Choose another FreeIPA Server with CA installed to become the first master - Nominate this master to be the one in charge or renewing certs and publishing CRLS. This is a manual procedure at the moment. - Follow standard installation procedure to deploy a new master on a hardware/VM of your choice
How do I nominate this master to be the one in charge of renews certs and publishing CRLS? I didn't found the procedure. Also do I care to differentiate between the first master and other replica, if my IPA installation use an external root CA certificate (Windows AD in that case)? Regards, Nicolas Zin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project