On Tue, 1 Feb 2011 12:38:50 -0500
Peter Doherty wrote:
> If I want to start from scratch with the new Beta release, how would
> I dump the entire LDAP/KRB database so that I could import it into a
> new server?
> The Docs mention doing regular backups, but they don't even tell how
> to backup t
On Jan 20, 2011, at 17:32 , Rob Crittenden wrote:
Yes, that was going to be my next question. While throwing any old
self-signed cert in there might get the server up other things won't
work, notably replication.
Ok, here are some steps I worked out that I think will get you back
in bus
Some good news: turning off security has the Directory Server starting
up properly. If the directory server is only accessible within our
small intranet, can we safely run it without security enabled? If this
is theoretically possible it looks like the trick will be to change the
IPA config for A
Ian Stokes-Rees wrote:
Rob,
Thanks for your most recent comments. I'm not sure if I should try these
*before* or *after* the steps described in the 5:32 EST email.
Ian
I think roll back the time to the 15th, disable SSL in 389-ds and bring
the servers back up. Then follow the instructions
Rob,
Thanks for your most recent comments. I'm not sure if I should
try these *before* or *after* the steps described in the 5:32 EST
email.
Ian
___
Freeipa-users mailing list
Freeipa-users@redh
Ian Stokes-Rees wrote:
Some more info:
1. certmonger wasn't running, so I started it. Then I can execute
"ipa-getcert list" but it doesn't return anything.
Ok, your install must have pre-dated our implementation of it.
2. /var/log/ipa/default.log (the only log file in that dir) appears to
Ian Stokes-Rees wrote:
Just so I have the full context, where did the original self-signed
cert come from? The initial cert should have been good for 12 months
so I'm a little confused. Do you know where the initial certificate
came from?
I have to plead ignorance, since it was our regular sy
Some more info:
1. certmonger wasn't running, so I started it. Then I can execute
"ipa-getcert list" but it doesn't return anything.
2. /var/log/ipa/default.log (the only log file in that dir)
appears to show the *new* cert being imported successfu
> Just so I have the full context, where did the original self-signed
> cert come from? The initial cert should have been good for 12 months
> so I'm a little confused. Do you know where the initial certificate
> came from?
I have to plead ignorance, since it was our regular sys admin (away on
va
Ian Stokes-Rees wrote:
Hello,
We have a deployment of IPA that we have been using successfully for 185
days. We are 3 days past the "half year" mark, and the self-signed cert
that was created with the original IPA install (FreeIPA v2 alpha) has
expired. I have created a new self-signed cert, P
Hello,
We have a deployment of IPA that we have been using successfully
for 185 days. We are 3 days past the "half year" mark, and the
self-signed cert that was created with the original IPA install
(FreeIPA v2 alpha) has expired. I have created a new se
11 matches
Mail list logo