[Freeipa-users] Deleting a down ipa master?
Rob Crittenden
rcritten at redhat.com
Thu May 2 18:48:58 UTC 2013
Nathan wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> On 05/02/2013 01:56 PM, Rob Crittenden wrote:
>> $ ldapsearch -LLL -x -b
>> cn=oldmaster.example.com,cn=masters,cn=ipa,cn=etc,dc=example,dc=com
>> dn
>>
>> Then carefully paste each dn, minus the dn:, in REVERSE order, to:
>>
>> $ ldapdelete -x -D 'cn=Directory Manager' -w cn=HTTP... cn=ldap...
>>
>> ^D to exit
>
> My ipa domain is "systems.lafayette.edu", so I had to work that into
> your search string, but I think I have it.
>
> So, here's some output.
>
> [root at caroline0 PROD ~]# ldapsearch -LLL -x -b
> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
> dn
> dn:
> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayett
> e,dc=edu
>
> So, from your ldapdelete example, would I.....
>
> $ ldapdelete -x -D 'cn=Directory Manager' -w
> cn=caroline1.lafayette.edu,cn=masters,cn=ipa,cn=etc,dc=systems,dc=lafayette,dc=edu
> ^D
Yup, use -W to prompt, or -w <password> to pass on cli.
Note that this confirms that IPA doesn't think this server is actually
providing any services.
rob
More information about the Freeipa-users
mailing list