[Freeipa-users] where to disable components?
Rob Crittenden
rcritten at redhat.com
Wed Apr 1 02:47:10 UTC 2015
Janelle wrote:
> Hello again...
>
> Looking around, but probably just not in the right place. I would like
> to be able to disable httpd on all but a pair of servers, so we kind of
> force all updates to come from a "master" and "slave" pair. Just trying
> to keep updates defined to 2 servers rather than all of them in an 8
> server configuration.
>
> Where might I find that? Or is it possible? Will it break anything?
>
> thank you
> ~J
>
Not sure the complete reasoning behind that but...
The safest route would be to just firewall ports 80 and 443 off. There
is a way to tell ipactl to not start a service but I haven't thought
through the implications.
The CA interfaces on those machines will also be inaccessible.
rob
More information about the Freeipa-users
mailing list