barrykfl--- via FreeIPA-users wrote: > Hi all: > > any one has better solution of freeipa backup ? assume all ldap db crash > ,all ca fail, no backup of cert ...etc but need cleanly install one with > same hostname. > > and we have /usr/sbin/ipa-backup ldif backup . > > Can I use an old image but restore backĀ ldif such backup? > > or any better solution for clean install with this ldif copy.
If you have a full backup of a master with a CA and have saved it off-machine and your machine dies then you can re-install using the EXACT SAME OPTIONS. Then restore the backup. Then re-initialize all other masters (this should all be documented already). If you have only one master with a CA and it dies and you have no backups then you are pretty much hosed at the moment. IPA is so much more than just an LDIF. _Could_ you use an LDIF to restore the data minus the certs? Yeah, probably, with a whole ton of work and expertise. Would it be worth the trouble and would you ever fully trust that you got it 100% right? The best solution is to maintain multiple masters and > 1 CA. If one dies then you delete it and provision a new master. You can maintain the old name if you want. Or if you use VMs you can use disk snapshots to maintain backups. rob _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
