[Freeipa-users] Disaster Recovery Best Practices?
Rich Megginson
rmeggins at redhat.com
Fri Apr 20 15:47:48 UTC 2012
On 04/20/2012 08:46 AM, Brian Cook wrote:
>
> On Apr 16, 2012, at 12:40 PM, Dmitri Pal wrote:
>
>>> 2) What is everyone else doing to prepare IPA for a DR? I've read
>>> that the best way to do it is to turn off the IPA services on a
>>> replica and then back that replica up. I also read that this will
>>> miss some important files that only exist on the master.
>>
>> That is the case when you use selfsigned cert but the preferred and
>> default configuration is not with the self-signed certs. It was in the
>> past but not any more. Currently when you install IPA and then replicas
>> there is no difference between master and replicas (if you installed CA
>> on the replica) so picking any one and recycling is possible. You won't
>> loose anything.
>
> Can 389DS produce a full 'backup' in an LDIF of schema / objects while
> running?
While running - yes
Here is a document that describes 389 database management:
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Populating_Directory_Databases.html
Schema files can just be copied/tarred from /etc/dirsrv/slapd-*/schema
The real question is - how does this work with IPA?
>
> -Brian
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120420/e4a9fa78/attachment.htm>
More information about the Freeipa-users
mailing list