I've got a one system setup now and would like to create a replica and ensure survivability as much as possible. Will this do the trick? Obviously the first is run on the current master and the second on the new replica...
# ipa-replica-prepare newserver.my.net --ip-address=192.168.1.50
# ipa-replica-install --setup-dns --setup-ca --no-forwarders /path/to/replica-info-newserver.my.net.gpg
On 01/03/2018 18:11, Bret Wortman via FreeIPA-users wrote:
I've got a one system setup now and would like to create a replica and ensure survivability as much as possible. Will this do the trick? Obviously the first is run on the current master and the second on the new replica...
# ipa-replica-prepare newserver.my.net --ip-address=192.168.1.50
# ipa-replica-install --setup-dns --setup-ca --no-forwarders /path/to/replica-info-newserver.my.net.gpg
Hi,
the procedure depends on your domain level. In order to find which domain-level you are using: # ipa domainlevel-get ----------------------- Current domain level: 1 -----------------------
If domain-level is 0, then you need to create a replica file and install the replica by providing this replica file (the instructions you wrote above). The procedure is documented here [1].
If domain-level is 1, then the procedure is different. You can first enroll the host as an IPA client with ipa-client-install, and then promote it to a replica with ipa-replica-install (no replica file provided), or do the 2 steps in ipa-replica-install (if you provide all the required options). More information here [2]
HTH, Flo
[1] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm... [2] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm...
-- photo
*Bret Wortman* President, Damascus Products LLC 855-644-2783 tel:855-644-2783 | 303-523-8037 tel:303-523-8037 | bret@damascusproducts.com mailto:bret@damascusproducts.com | http://damascusproducts.com/ | 10332 Main St Suite 319 Fairfax, VA 22030 http://facebook.com/wrapbuddiesco http://twitter.com/wrapbuddiesco http://instagram.com/wrapbuddies
https://facebook.com/wrapbuddiescohttps://instagram.com/wrapbuddies
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
On 03/02/2018 04:15 AM, Florence Blanc-Renaud wrote:
On 01/03/2018 18:11, Bret Wortman via FreeIPA-users wrote:
I've got a one system setup now and would like to create a replica and ensure survivability as much as possible. Will this do the trick? Obviously the first is run on the current master and the second on the new replica...
# ipa-replica-prepare newserver.my.net --ip-address=192.168.1.50
# ipa-replica-install --setup-dns --setup-ca --no-forwarders /path/to/replica-info-newserver.my.net.gpg
Hi,
the procedure depends on your domain level. In order to find which domain-level you are using:
# ipa domainlevel-get
Current domain level: 1
If domain-level is 0, then you need to create a replica file and install the replica by providing this replica file (the instructions you wrote above). The procedure is documented here [1].
If domain-level is 1, then the procedure is different. You can first enroll the host as an IPA client with ipa-client-install, and then promote it to a replica with ipa-replica-install (no replica file provided), or do the 2 steps in ipa-replica-install (if you provide all the required options). More information here [2]
HTH, Flo
[1] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm... [2] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/htm...
-- photo
*Bret Wortman* President, Damascus Products LLC 855-644-2783 tel:855-644-2783 | 303-523-8037 tel:303-523-8037 | bret@damascusproducts.com mailto:bret@damascusproducts.com | http://damascusproducts.com/ | 10332 Main St Suite 319 Fairfax, VA 22030 http://facebook.com/wrapbuddiesco http://twitter.com/wrapbuddiesco http://instagram.com/wrapbuddies
https://facebook.com/wrapbuddiescohttps://instagram.com/wrapbuddies
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Perfect! Thanks. Every time I need to do something like this, I discover some great advances you all have made which makes life easier than last time.
My CA is level 1, so I'll proceed after reading your linked reference. Thanks, Flo!
Bret
freeipa-users@lists.fedorahosted.org