On 04/08/2015 07:12 AM, Прохоров Сергей wrote:
Hello, I have self-signed freeipa replica. The problem is that I lose
my freeipa primary server after hdd error.
Now I need to create new replication server but I can't without
primary server. I read this documentation and a lot of community
correspondence but don't find my issue:
How can I resolve it or migrate my kerberos/ldap schema to the new
I'm using ipa-server-3.0.0-42.el6.x86_64 from base oracle linux 6.5
By self-signed you mean you had a self signed CA as a part of the first
IPA server, right?
Did you install replica with the CA component or not?
If you lost your first server that had CA and have replica that does not
have CA you are not in a best situation.
There are several options that you can explore. But before we dive into
that please answer following questions.
1. Is the situation described correctly?
2. Do you take advantage of the cert capabilities of IPA?
3. Did you make any backups of the first server?
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project