> Le 28 août 2015 à 17:41, Alexander Bokovoy <[email protected]> a écrit : > > On Fri, 28 Aug 2015, Alexandre Ellert wrote: >> >>> Le 28 août 2015 à 17:09, Alexander Bokovoy <[email protected]> a écrit : >>> >>> On Wed, 26 Aug 2015, Alexandre Ellert wrote: >>>> >>>>> Le 28 juil. 2015 à 05:59, Alexander Bokovoy <[email protected]> a écrit >>>>> : >>>>>> If the problem is too hard to solve, maybe I should try to deploy another >>>>>> replica ? >>>>> You may try that. Sorry for not responding, I have some other tasks that >>>>> occupy my time right now. >>>>> >>>> >>>> >>>> Can you please tell me the procedure to decommission and re-create a new >>>> replica ? >>>> Are "ipa-server-install —uninstall" then "ipa-server-install" the only >>>> things to do ? >>> No, you need also to remove the server from the replication topology. >>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/removing-replica.html >>> >>> -- >>> / Alexander Bokovoy >> >> I can’t remove the node on which I have problem with pki-tomcatd : >> >> # ipa-replica-manage del xxxx.example.com >> Deleting a master is irreversible. >> To reconnect to the remote master you will need to prepare a new replica file >> and re-install. >> Continue to delete? [no]: yes >> Deleting this server is not allowed as it would leave your installation >> without a CA >> >> I seem that it’s the only node where CA is installed. What should I do now ? > Add a replica with CA using ipa-ca-install on existing replica. > > Read the guide, it has detailed coverage of these situations. > -- > / Alexander Bokovoy
On the first node (which is working and without pki-tomcatd service) # ipa-ca-install Directory Manager (existing master) password: CA is already installed. How is it possible ? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
