[Freeipa-users] Clean up DNS Host Cert and other records from IPA

Martin Kosek mkosek at redhat.com
Mon Dec 14 12:12:44 UTC 2015


On 12/11/2015 11:55 PM, Andrey Ptashnik wrote:
> Hello Team,
> 
> We have many servers in our environment that are at different stages of their lifecycle. All of them are added to the IPA domain. There are cases when servers get moved, sometimes crash, sometimes are being rebuilt or decommissioned. In those cases we need to completely remove the server identity from IPA, including DNS, Host, Certificate and other associated records.
> What is the most proper way to completely remove client records in case a server needs to be rebuilt with the same host name down the road? (A hardware failure happened, the server crashed and needs to be rebuilt – is a perfect example.)

The ipa host-del command (it can also be used with the --updatedns flag) should
remove all services and revoke certificates active for the host or service
records. Is that insufficient or maybe not working for you?

Martin



