We currently do rsync backups of our server. On an MIT server, you’d want to omit the stash file. But IPA doesn’t use that. Is there anything like that that should be omitted? I’m not sure just how freeipa bootstraps trust when it starts up.
Charles Hedrick via FreeIPA-users freeipa-users@lists.fedorahosted.org writes:
We currently do rsync backups of our server. On an MIT server, you’d want to omit the stash file. But IPA doesn’t use that. Is there anything like that that should be omitted? I’m not sure just how freeipa bootstraps trust when it starts up.
In IPA, we're storing all Kerberos data in LDAP (389ds with a custom KDB). So you'll want to be careful around that - I can't speak to how the LDAP storage works, though.
Thanks, --Robbie
On Mon, Feb 3, 2020 at 10:07 PM Robbie Harwood via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Charles Hedrick via FreeIPA-users freeipa-users@lists.fedorahosted.org writes:
We currently do rsync backups of our server. On an MIT server, you’d want to omit the stash file. But IPA doesn’t use that. Is there anything like that that should be omitted? I’m not sure just how freeipa bootstraps trust when it starts up.
In IPA, we're storing all Kerberos data in LDAP (389ds with a custom KDB). So you'll want to be careful around that - I can't speak to how the LDAP storage works, though.
Indeed. Charles, you might want to have a look at: https://www.freeipa.org/page/Backup_and_Restore
Best regards, François
Thanks, --Robbie _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste...
freeipa-users@lists.fedorahosted.org