[Freeipa-users] freeipa restore backup on a new server
David Kupka
dkupka at redhat.com
Tue Apr 12 11:15:02 UTC 2016
On 12/04/16 11:26, Rakesh Rajasekharan wrote:
> Hi ,
>
> I am running ipa-server verison 4.2 on AWS,and testing the freeipa backup and
> restore .
>
> The restoration works fine if its on the same host, wherin i uninstall freeipa
> and then install it back and then do a full restore.
>
> However, if its a new machine with a different ip, the restoration fails.
>
> I am running the restoration from an ansible playbook.. heres the output, that I get
>
> Preparing restore from /tmp/ipa/ipa-full-2016-04-12 on
> test-ipa-master-int.xyz.com <http://test-ipa-master-int.xyz.com>
> Performing FULL restore from FULL backup
> Each master will individually need to be re-initialized or
> re-created from this one. The replication agreements on
> masters running IPA 3.1 or earlier will need to be manually
> re-enabled. See the man page for details.
> Disabling all replication.
> Stopping IPA services
> Systemwide CA database updated.
> Restoring files
> Systemwide CA database updated.
> Restoring from userRoot in xyz-COM
> Restoring from ipaca in xyz-COM
> Starting IPA services
> Command ''ipactl' 'start'' returned non-zero exit status 1
> stdout: Configuring certmonger to stop tracking system certificates for CA
>
> Is there a limitation that the ip needs to be the same for a restore to happen
> or am I missing something.
>
> Thanks,
> Rakesh
>
>
>
Hello Rakesh,
it's not possible to determine what happened from information that you
have sent. Could you please find the service that failed to start and
send its logs?
I believe that all services in FreeIPA depends on host names and resolve
IP address from DNS when needed.
But if DNS server is part of FreeIPA server you're trying to restore it
is holding old records with old IP addresses. Maybe this is the cause
but it's just wild guess.
--
David Kupka
More information about the Freeipa-users
mailing list