Hi: the link u provided mentioned similar : 9.2. RESTORING A BACKUP
If you have a directory with a backup created using ipa-backup , you can restore your IdM server or the LDAP content to the state in which they were when the backup was performed. You cannot restore a backup on a host different from the host on which the backup was originally created Is it meant if I clean install using same host name ( a total new host) and restore using the backup it will fail right ?.. The disaster meant all hosts fail I need clean install the first host can I use the that restore method ? 2018-03-05 16:31 GMT+08:00 Florence Blanc-Renaud <f...@redhat.com>: > On 04/03/2018 02:28, barrykfl--- via FreeIPA-users wrote: > >> Tried those command before ,,,seem the web page and LDAP separate or I >> missed some parts. >> it can turn on the ldap but the web page not allow to login ...mostly it >> related to ? >> >> Hi, > > on which system do you have trouble accessing the web GUI? the master? > In this case, can you paste the exact command you ran for restore, and the > exact error message you see when trying to authenticate to the web? The > httpd error log may also be helpful (/var/log/httpd/error). > > Flo > > 2018-03-02 17:24 GMT+08:00 Florence Blanc-Renaud <f...@redhat.com <mailto: >> f...@redhat.com>>: >> >> On 01/03/2018 10:37, barrykfl--- via FreeIPA-users wrote: >> >> ic ..but the full restore can success run in clean installed >> master with new CA overwrite? >> >> e.g. master with CA and ldap all crashed with replication >> servers but data aslo crashed...can it be use as restore using >> the same hostname and rebuild the replication agreements with >> others? >> >> Hi, >> >> yes, the doc explains how to restore in a multi-master environment: >> https://access.redhat.com/documentation/en-us/red_hat_enterp >> rise_linux/7/html/linux_domain_identity_authentication_and_ >> policy_guide/restore#restore-multiple-masters >> <https://access.redhat.com/documentation/en-us/red_hat_enter >> prise_linux/7/html/linux_domain_identity_authentication_and_ >> policy_guide/restore#restore-multiple-masters> >> >> HTH, >> Flo >> >> 2018-03-01 15:19 GMT+08:00 Florence Blanc-Renaud <f...@redhat.com >> <mailto:f...@redhat.com> <mailto:f...@redhat.com >> <mailto:f...@redhat.com>>>: >> >> On 03/01/2018 12:10 AM, barrykfl--- via FreeIPA-users wrote: >> >> any ref. full backup.of 4.5? >> I only can found v3 . will it recover all cert ca >> related ? I >> tried such recover in v3 it seem it broken the >> relationship of >> others agreement. or I missed the backup of some files. >> >> Hi, >> >> you can find the doc for 4.5 in >> https://access.redhat.com/documentation/en-us/red_hat_enterp >> rise_linux/7/html/linux_domain_identity_authentication_and_ >> policy_guide/backup-restore >> <https://access.redhat.com/documentation/en-us/red_hat_enter >> prise_linux/7/html/linux_domain_identity_authentication_and_ >> policy_guide/backup-restore> >> <https://access.redhat.com/doc >> umentation/en-us/red_hat_enterprise_linux/7/html/linux_domai >> n_identity_authentication_and_policy_guide/backup-restore >> <https://access.redhat.com/documentation/en-us/red_hat_enter >> prise_linux/7/html/linux_domain_identity_authentication_and_ >> policy_guide/backup-restore>> >> >> The full backup of a master with CA also contains the certs >> and the CA. >> >> HTH, >> Flo >> >> is it possible to use very old vm image plus the >> regular ldif >> backup recovery? >> >> 2018年3月1日 上午7:02 於 "Rob Crittenden" >> <rcrit...@redhat.com <mailto:rcrit...@redhat.com> >> <mailto:rcrit...@redhat.com >> <mailto:rcrit...@redhat.com>> <mailto:rcrit...@redhat.com >> >> <mailto:rcrit...@redhat.com> >> >> <mailto:rcrit...@redhat.com >> <mailto:rcrit...@redhat.com>>>> 寫道: >> >> barrykfl--- via FreeIPA-users wrote: >> > Hi all: >> > >> > any one has better solution of freeipa backup ? >> assume >> all ldap >> db crash >> > ,all ca fail, no backup of cert ...etc but need >> cleanly >> install >> one with >> > same hostname. >> > >> > and we have /usr/sbin/ipa-backup ldif backup . >> > >> > Can I use an old image but restore back ldif >> such backup? >> > >> > or any better solution for clean install with >> this ldif >> copy. >> >> If you have a full backup of a master with a CA >> and have >> saved it >> off-machine and your machine dies then you can >> re-install >> using the >> EXACT SAME OPTIONS. >> >> Then restore the backup. Then re-initialize all >> other >> masters (this >> should all be documented already). >> >> If you have only one master with a CA and it dies >> and you >> have no >> backups then you are pretty much hosed at the >> moment. >> >> IPA is so much more than just an LDIF. >> >> _Could_ you use an LDIF to restore the data minus >> the >> certs? Yeah, >> probably, with a whole ton of work and expertise. >> Would it >> be worth the >> trouble and would you ever fully trust that you >> got it 100% >> right? >> >> The best solution is to maintain multiple masters >> and > 1 >> CA. If one >> dies then you delete it and provision a new >> master. You can >> maintain the >> old name if you want. >> >> Or if you use VMs you can use disk snapshots to >> maintain >> backups. >> >> rob >> >> >> >> _______________________________________________ >> FreeIPA-users mailing list -- >> freeipa-users@lists.fedorahosted.org >> <mailto:freeipa-users@lists.fedorahosted.org> >> <mailto:freeipa-users@lists.fedorahosted.org >> <mailto:freeipa-users@lists.fedorahosted.org>> >> To unsubscribe send an email to >> freeipa-users-le...@lists.fedorahosted.org >> <mailto:freeipa-users-le...@lists.fedorahosted.org> >> <mailto:freeipa-users-le...@lists.fedorahosted.org >> <mailto:freeipa-users-le...@lists.fedorahosted.org>> >> >> >> >> >> >> _______________________________________________ >> FreeIPA-users mailing list -- >> freeipa-users@lists.fedorahosted.org >> <mailto:freeipa-users@lists.fedorahosted.org> >> To unsubscribe send an email to >> freeipa-users-le...@lists.fedorahosted.org >> <mailto:freeipa-users-le...@lists.fedorahosted.org> >> >> >> >> >> >> _______________________________________________ >> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org >> To unsubscribe send an email to freeipa-users-le...@lists.fedo >> rahosted.org >> >> >
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org