Ronald Wimmer via FreeIPA-users wrote: > On 10.03.21 17:10, Rob Crittenden via FreeIPA-users wrote: >> Ronald Wimmer via FreeIPA-users wrote: >>> Hi, >>> >>> is there a way to export all IPA configuration and import it on a new >>> server? For instance to resetup everything from scratch or if purchasing >>> forces us to switch to a completely different distro. >> >> The typical way to move an IPA installation to a different distro is to >> create a new replica on that distro then decommission the old one. > > That's exactly what we did. (according to the RHEL documentation) But I > fear there were errors before and I was not aware of the healthcheck > command at that point in time. > >> Or do you want to abandon your current install and start over fresh but >> retain your users, groups, etc? > > ipa-healthcheck reveals several ReplicationConflictCheck errors on each > of our eight ipa servers. What would you propose in order to get rid of > them?
Follow the docs: https://access.redhat.com/documentation/en-us/red_hat_directory_server/10/html/administration_guide/managing_replication-solving_common_replication_conflicts > Additionally, there are CA troubles on two of four CA servers in that > particular setup. > > What would probably be the best way to fix all the problems? Where > should I start? Which road should I take (Fix errors server by server? > decommissioning all seven replicas and re-setup them from scratch?) "CA troubles" isn't exactly enlightening. In general, read the logs. For the CA reading top-down from the latest start is generally recommended. And ensure you don't have expired certificates. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
