Michael Rainey (Contractor) wrote:
Greetings Community,
I have a question about restoring the DNA Ranges on my IPA servers. A
couple of weeks ago I took down one of my servers which involved a few
issues I had created for myself, but luckily I managed to recover.
Today I noticed that the DNA Ranges on the retired server was not
carried over to the new server. After checking my other servers, I also
noticed none of the other servers have any ranges set. So, my primary
question is; if I reset the range values to what they were on the
retired server to the new server, do I run the risk of generating
duplicate UIDs and GIDs, or should I set a new range to prevent
duplicate values?
At this point, I haven't found anything in my research which matches my
current scenario.
You don't mention which version of IPA you have. If you have 4.x+ then
you can use ipa-replica-manage to manage the DNA ranges.
You shouldn't have any problems setting a new range. Being careful about
overlap is good but I'm pretty sure the uniqueness plugin will prevent
duplicate UID/GID but I haven't experimented with it. I typically
recommend ensuring that there is no overlap when setting a new range.
Re-using the range from another server should carry no risk as long as
only one master is offering that range.
rob
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project