On 08/28/2015 05:46 PM, Alexandre Ellert wrote:
Le 28 août 2015 à 17:41, Alexander Bokovoy <[email protected]> a écrit :
On Fri, 28 Aug 2015, Alexandre Ellert wrote:
Le 28 août 2015 à 17:09, Alexander Bokovoy <[email protected]> a écrit :
On Wed, 26 Aug 2015, Alexandre Ellert wrote:
Le 28 juil. 2015 à 05:59, Alexander Bokovoy <[email protected]> a écrit :
If the problem is too hard to solve, maybe I should try to deploy another
replica ?
You may try that. Sorry for not responding, I have some other tasks that
occupy my time right now.
Can you please tell me the procedure to decommission and re-create a new
replica ?
Are "ipa-server-install —uninstall" then "ipa-server-install" the only things
to do ?
No, you need also to remove the server from the replication topology.
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/removing-replica.html
--
/ Alexander Bokovoy
I can’t remove the node on which I have problem with pki-tomcatd :
# ipa-replica-manage del xxxx.example.com
Deleting a master is irreversible.
To reconnect to the remote master you will need to prepare a new replica file
and re-install.
Continue to delete? [no]: yes
Deleting this server is not allowed as it would leave your installation without
a CA
I seem that it’s the only node where CA is installed. What should I do now ?
Add a replica with CA using ipa-ca-install on existing replica.
Read the guide, it has detailed coverage of these situations.
--
/ Alexander Bokovoy
On the first node (which is working and without pki-tomcatd service)
# ipa-ca-install
Directory Manager (existing master) password:
CA is already installed.
How is it possible ?
You must provide a replica file as an argument to ipa-ca-install if you
want to setup CA on another replica.
--
Martin^3 Babinsky
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
