[Freeipa-users] freeipa master server disaster recovery
James Roman
james.roman at ssaihq.com
Thu Apr 8 12:44:53 UTC 2010
> The bug outlines how to promote a replica to be the primary "master".
> You basically just need to import the CA and setup the serial number
> file.
>
> So lets say you had a master and 2 replicas. In reality the only thing
> that differentiates the first master is that it was installed first so
> has the CA. As far as data replication goes there is no distinction,
> they are all equal.
>
Along these lines, does this mean if I have imported certificates signed
by a third party CA on all my freeipa servers, that all I would need to
do is update the replication agreements (in my case for freeIPA and AD)?
More information about the Freeipa-users
mailing list