[Freeipa-users] Re: FreeIPA for the maximally paranoid and overworked?

2019-01-13 Thread K. M. Peterson via FreeIPA-users
Charles, Helpful fo know. The snapshot methodology is what we’ve done as well, though we haven’t yet put it fully into production; I’ll still hold my breath if we need it, but it’s good to hear it has worked for you. Thanks! On Wed, Jan 9, 2019 at 13:28 Charles Hedrick wrote: > Rob mentioned

[Freeipa-users] Re: FreeIPA for the maximally paranoid and overworked?

2019-01-09 Thread K. M. Peterson via FreeIPA-users
enldap/ldap.conf with a single "#" line, re-spun the server and installed the client and ipa-replica-install - and everything is working as expected now. Again, many thanks! On Tue, Jan 8, 2019 at 5:25 PM Rob Crittenden wrote: > K. M. Peterson via FreeIPA-users wrote: > &g

[Freeipa-users] Re: ipa-replica-manage --force replica.server fails

2019-01-09 Thread K. M. Peterson via FreeIPA-users
by that point. Sorry not to be more helpful... On Tue, Jan 8, 2019 at 5:12 PM Rob Crittenden wrote: > K. M. Peterson via FreeIPA-users wrote: > > I'm going to reply to myself, after several more hours of digging, I > > discovered that although it wasn't true at the time I posted the abo

[Freeipa-users] FreeIPA for the maximally paranoid and overworked?

2019-01-06 Thread K. M. Peterson via FreeIPA-users
Hi all, This is a newbie question with respect to FreeIPA, and I haven't seen this elsewhere, so I thought I'd ask. I've just cleaned up an issue with trying to implement a new replica on our domain, and I've realized that there are a couple of areas I don't understand that are causing more

[Freeipa-users] Re: ipa-replica-manage --force replica.server fails

2019-01-06 Thread K. M. Peterson via FreeIPA-users
I'm going to reply to myself, after several more hours of digging, I discovered that although it wasn't true at the time I posted the above question, eventually, as with the original post from Lachlan Musicman ,

[Freeipa-users] Re: ipa-replica-manage --force replica.server fails

2019-01-05 Thread K. M. Peterson via FreeIPA-users
Hate _hate_ to open old threads, but... I'm also seeing this. I've been trying to add another replica to our topology (this would be on a different subnet than the current pair); the ipa-replica-install command has been failing for various reasons that I've been fixing or circumventing and I've