[Freeipa-users] Scorched earth
Rob Crittenden
rcritten at redhat.com
Wed Aug 28 13:56:24 UTC 2013
Bret Wortman wrote:
> Today, I'm going to wipe my master, install f18 from scratch, then
> install the freeipa-server RPMs again and manually load all our hosts,
> dns entries, and users from scratch (I'm building scripts to do this for
> me using the command line tools). We'll then do the same for each
> replica so that our system will basically be starting clean again.
>
> Are there any files that I really ought to back up and restore as part
> of this effort, like certificates, that might make it easier for clients
> to deal with us after the master comes back on line? Or am I safe to
> just nuke the box and start clean?
You'll end up with a new CA so you'll need to re-enroll any client
machines. Browsers will see the most grief as there will be a different
CA with the same subject.
Depending on how you are migrating your users they will all likely need
to reset their passwords, or go through the migration step.
rob
More information about the Freeipa-users
mailing list