[Freeipa-users] Antwort: Re: dirsrv keytab revoked
Christoph Kaminski
christoph.kaminski at biotronik.com
Fri May 29 09:56:37 UTC 2015
Martin Kosek <mkosek at redhat.com> schrieb am 29.05.2015 10:06:45:
>
> Running ipa-getkeytab on this replica is tricky - as if replication
> is down and
> you do this, the old key is revoked and new one is generated - which is
not
> known for the other master as replication is not working and you get in
a
> strange situation.
>
> You can try to log to your active master, do ipa-getkeytab for the
broken
> replica, copy the keytab there, restart DS and then run re-
> initialize to reload
> all the data from active master. It may work.
>
> > Or it is better to destroy it and do a new install?
>
> That may be even faster for the making that particular replica up and
running
> again, if you do not want to dig too much in this issue.
yep done it on other replica and it works, thx!
MfG
Christoph Kaminski
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150529/dfe9127d/attachment.htm>
More information about the Freeipa-users
mailing list