Hello, comments inline

On 01.06.2016 20:34, Michael Rainey (Contractor) wrote:

My apologies for the duplicate thread, but from my vantage point I did not see any signs of my message making it to the mailing list. My original message was not posted back to me, nor was your reply posted to me.

Ok, no problem

Now back to your reply. I did try the command you suggested and it does appear to have removed the last remnants of my first server. Are there any additional steps I should perform to verify things are as they once were?

You can try ipa-replica-manage list, ipa-csreplica-manage list, list-ruv, and ipa-replica-manage list -v <hostname>
to see if there are some leftovers


I did notice some of the systems on the network will not carry my kerberos credentials over to another machine when using SSH. The working systems log me in with no problems when using ssh <hostname>. While other systems will prompt me for a password. Has anyone had similar problems and what did they do to fix the problem?

*Michael Rainey*

On 05/31/2016 11:10 PM, Martin Basti wrote:

On 31.05.2016 17:36, Michael Rainey (Contractor) wrote:

Greetings community,

I've run into an interesting problem which may be old hat to all of you. I was working to bring down my IPA master server and did it improperly. It was a rookie mistake, but I'm willing to view it as an exercise in recovering from a massive system failure.

The original master server is gone with no way of recovering and I have managed to replace the server by promoting one of my replicas, but I find myself in a situation where I cannot remove the original master server from the LDAP directory. It is still seen as a master server and the webUI will not let me delete the system from directory server. Is there a process somewhere that will walk me through demoting the old server so I can delete it from the directory and officially promote its replacement?

For reference, I followed the steps located at this link.

Centos 7.2 / freeIPA 4.2

Your help is greatly appreciated.

*Michael Rainey*


can you next time please continue with just one thread please?

You haven't replied if this works for you https://www.redhat.com/archives/freeipa-users/2016-May/msg00521.html


Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to