[Freeipa-users] IPA V3 Backup and recovery
Rob Crittenden
rcritten at redhat.com
Sat Nov 29 17:24:12 UTC 2014
Petr Vobornik wrote:
> On 11/28/2014 10:39 AM, Eldo Joseph wrote:
>> Hi All,
>> Can some one help me, with the best practices which can be used for
>> IPAV3 backup and recovery, currently it is been a kind of single
>> point of failure.
>> Current infrastructure: One Master serverFive clients.
>> I've tried with db2bak and bak2db features, I was able for a
>> successful restore. how ever IPA admintools commands are failing with
>> this error.
>> (info): TGS_REQ (4 etypes {18 17 16 23}) xx.xx.xx.xx : PROCESS_TGS:
>> authtime 0, <unknown client> for <unknown server>, Decrypt integrity
>> check failed
>> Thanks,Eldo.
>>
> Hello Eldo,
>
> sounds like: https://fedorahosted.org/freeipa/ticket/4726
>
> try to run:
> sudo -u apache kdestroy
> after the restore
You may also want to look at the design for backup and restore,
http://www.freeipa.org/page/V3/Backup_and_Restore . Quite a lot needs to
happen for a proper backup and restore, particularly since you have
multiple masters.
rob
More information about the Freeipa-users
mailing list