On 12/04/16 11:26, Rakesh Rajasekharan wrote:
Hi ,

I am running ipa-server verison 4.2 on AWS,and testing the freeipa backup and
restore .

The restoration works fine if its on the same host, wherin i uninstall freeipa
and then install it back and then do a full restore.

However, if its a new machine with a different ip, the restoration fails.

I am running the restoration from an ansible playbook.. heres the output, that 
I get

Preparing restore from /tmp/ipa/ipa-full-2016-04-12 on
test-ipa-master-int.xyz.com <http://test-ipa-master-int.xyz.com>
Performing FULL restore from FULL backup
Each master will individually need to be re-initialized or
re-created from this one. The replication agreements on
masters running IPA 3.1 or earlier will need to be manually
re-enabled. See the man page for details.
Disabling all replication.
Stopping IPA services
Systemwide CA database updated.
Restoring files
Systemwide CA database updated.
Restoring from userRoot in xyz-COM
Restoring from ipaca in xyz-COM
Starting IPA services
Command ''ipactl' 'start'' returned non-zero exit status 1
stdout: Configuring certmonger to stop tracking system certificates for CA

Is there a limitation that the ip needs to be the same for a restore to happen
or am I missing something.


Hello Rakesh,
it's not possible to determine what happened from information that you have sent. Could you please find the service that failed to start and send its logs?

I believe that all services in FreeIPA depends on host names and resolve IP address from DNS when needed. But if DNS server is part of FreeIPA server you're trying to restore it is holding old records with old IP addresses. Maybe this is the cause but it's just wild guess.

David Kupka

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to