[Freeipa-users] FreeIPA4.2: Recovering from an IPA master server failure
Michael Rainey (Contractor)
michael.rainey.ctr at nrlssc.navy.mil
Wed Jun 1 18:34:48 UTC 2016
My apologies for the duplicate thread, but from my vantage point I did
not see any signs of my message making it to the mailing list. My
original message was not posted back to me, nor was your reply posted to me.
Now back to your reply. I did try the command you suggested and it does
appear to have removed the last remnants of my first server. Are there
any additional steps I should perform to verify things are as they once
were?
I did notice some of the systems on the network will not carry my
kerberos credentials over to another machine when using SSH. The
working systems log me in with no problems when using ssh <hostname>.
While other systems will prompt me for a password. Has anyone had
similar problems and what did they do to fix the problem?
*Michael Rainey*
On 05/31/2016 11:10 PM, Martin Basti wrote:
>
>
>
> On 31.05.2016 17:36, Michael Rainey (Contractor) wrote:
>>
>> Greetings community,
>>
>> I've run into an interesting problem which may be old hat to all of
>> you. I was working to bring down my IPA master server and did it
>> improperly. It was a rookie mistake, but I'm willing to view it as
>> an exercise in recovering from a massive system failure.
>>
>> The original master server is gone with no way of recovering and I
>> have managed to replace the server by promoting one of my replicas,
>> but I find myself in a situation where I cannot remove the original
>> master server from the LDAP directory. It is still seen as a master
>> server and the webUI will not let me delete the system from directory
>> server. Is there a process somewhere that will walk me through
>> demoting the old server so I can delete it from the directory and
>> officially promote its replacement?
>>
>> For reference, I followed the steps located at this link.
>>
>> Centos 7.2 / freeIPA 4.2
>>
>> Your help is greatly appreciated.
>>
>> --
>> *Michael Rainey*
>>
>>
>
> Hello,
>
> can you next time please continue with just one thread please?
>
> You haven't replied if this works for you
> https://www.redhat.com/archives/freeipa-users/2016-May/msg00521.html
>
> regards,
> Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160601/5d73bdb5/attachment.htm>
More information about the Freeipa-users
mailing list