[Freeipa-users] freeipa restore backup on a new server

Rakesh Rajasekharan rakesh.rajasekharan at gmail.com
Tue Apr 12 14:57:57 UTC 2016 

Hello David,

I figured that out,

I am adding the ip address in the /etc/hosts file for reverse dns.. this is
coz, am not using the freeipa as a dns.

So, while restoring it still had the earlier entry.

I just corrected it and things worked fine...

Thanks...

On Tue, Apr 12, 2016 at 4:45 PM, David Kupka <dkupka at redhat.com> wrote:

> On 12/04/16 11:26, Rakesh Rajasekharan wrote:
>
>> Hi ,
>>
>> I am running ipa-server verison 4.2 on AWS,and testing the freeipa backup
>> and
>> restore .
>>
>> The restoration works fine if its on the same host, wherin i uninstall
>> freeipa
>> and then install it back and then do a full restore.
>>
>> However, if its a new machine with a different ip, the restoration fails.
>>
>> I am running the restoration from an ansible playbook.. heres the output,
>> that I get
>>
>> Preparing restore from /tmp/ipa/ipa-full-2016-04-12 on
>> test-ipa-master-int.xyz.com <http://test-ipa-master-int.xyz.com>
>> Performing FULL restore from FULL backup
>> Each master will individually need to be re-initialized or
>> re-created from this one. The replication agreements on
>> masters running IPA 3.1 or earlier will need to be manually
>> re-enabled. See the man page for details.
>> Disabling all replication.
>> Stopping IPA services
>> Systemwide CA database updated.
>> Restoring files
>> Systemwide CA database updated.
>> Restoring from userRoot in xyz-COM
>> Restoring from ipaca in xyz-COM
>> Starting IPA services
>> Command ''ipactl' 'start'' returned non-zero exit status 1
>> stdout: Configuring certmonger to stop tracking system certificates for CA
>>
>> Is there a limitation that the ip needs to be the same for a restore to
>> happen
>> or am I missing something.
>>
>> Thanks,
>> Rakesh
>>
>>
>>
>>
> Hello Rakesh,
> it's not possible to determine what happened from information that you
> have sent. Could you please find the service that failed to start and send
> its logs?
>
> I believe that all services in FreeIPA depends on host names and resolve
> IP address from DNS when needed.
> But if DNS server is part of FreeIPA server you're trying to restore it is
> holding old records with old IP addresses. Maybe this is the cause but it's
> just wild guess.
>
> --
> David Kupka
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160412/47fb0544/attachment.htm>

More information about the Freeipa-users mailing list