[Freeipa-users] IPA Query Tuning and a Recovery Question
Rich Megginson
rmeggins at redhat.com
Mon Sep 9 16:32:01 UTC 2013
On 09/09/2013 10:20 AM, Charlie Derwent wrote:
> Hi,
> 2 questions, some of our automation accounts are needlessly querying
> the IPA server every time they call a command via sudo. This is
> generating a lot of noise in our access logs. Is there any way to
> ensure certain system accounts don't call out to the IPA server for
> additional groups or sudo permission when completing tasks?
What are your client platforms? Does sssd or newer versions of sudo cache?
> The other question is slightly more embarrassing, one of our guys saw
> /var filling and noticed that /var/lib/dirsrv/slapd-EXAMPLE-COM/db/
> had a load of "log" files which looked like they weren't being tidied.
They are automatically cleaned up. If you have a lot of updates, it may
take longer.
> One stupid decision later and I'm now here asking on his behalf if
> there is anyway of restoring the database from a replica or is a
> complete rebuild required?
Just reinit the replica using ipa-replica-manage.
> Second question is obviously a little bit more urgent than the first
> but any advice is greatly appreciated.
> Thanks,
> Charlie
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130909/3ed351c6/attachment.htm>
More information about the Freeipa-users
mailing list