Re: [Freeipa-users] Scorched earth

[Rob Crittenden]

Bret Wortman wrote:

Today, I'm going to wipe my master, install f18 from scratch, then
install the freeipa-server RPMs again and manually load all our hosts,
dns entries, and users from scratch (I'm building scripts to do this for
me using the command line tools). We'll then do the same for each
replica so that our system will basically be starting clean again.

Are there any files that I really ought to back up and restore as part
of this effort, like certificates, that might make it easier for clients
to deal with us after the master comes back on line? Or am I safe to
just nuke the box and start clean?


You'll end up with a new CA so you'll need to re-enroll any client 
machines. Browsers will see the most grief as there will be a different 
CA with the same subject.


Depending on how you are migrating your users they will all likely need 
to reset their passwords, or go through the migration step.


rob

___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

[Freeipa-users] Scorched earth

[Bret Wortman]

Today, I'm going to wipe my master, install f18 from scratch, then install
the freeipa-server RPMs again and manually load all our hosts, dns entries,
and users from scratch (I'm building scripts to do this for me using the
command line tools). We'll then do the same for each replica so that our
system will basically be starting clean again.

Are there any files that I really ought to back up and restore as part of
this effort, like certificates, that might make it easier for clients to
deal with us after the master comes back on line? Or am I safe to just nuke
the box and start clean?

*
*
*Bret Wortman*

http://damascusgrp.com/
http://about.me/wortmanbret
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users