Hi!
I've been doing backups using the tool like this:
ipa-backup --data --online
I didn't want any configuration to be backed up, since it is managed
from a chef recipe.
However, when I tried to recover the backup to a fresh FreeIPA
install, Kerberos (GSSAPI) broke — I can't authenticate myself
On 23/02/16 20:21, Marat Vyshegorodtsev wrote:
Hi!
I've been doing backups using the tool like this:
ipa-backup --data --online
I didn't want any configuration to be backed up, since it is managed
from a chef recipe.
However, when I tried to recover the backup to a fresh FreeIPA
install, Kerbe
David Kupka wrote:
> On 23/02/16 20:21, Marat Vyshegorodtsev wrote:
>> Hi!
>>
>> I've been doing backups using the tool like this:
>> ipa-backup --data --online
>>
>> I didn't want any configuration to be backed up, since it is managed
>> from a chef recipe.
>>
>> However, when I tried to recover t
> Are you just toying with this or did something go horribly wrong and
you're trying to restore a production environment?
This. :-(
I have actually rebuilt the environment from scratch, then wrote a
perl script that just recreated all users from the ldif using ipa
user-add and reset password for
On (24/02/16 14:28), Marat Vyshegorodtsev wrote:
>> Are you just toying with this or did something go horribly wrong and
>you're trying to restore a production environment?
>
>This. :-(
>
>I have actually rebuilt the environment from scratch, then wrote a
>perl script that just recreated all users
I don't know why, but half of my hosts refused to talk to IPA over
kerberos, even after I have re-enrolled them and put new keytabs.
I ended up dropping sssd-ipa over sssd-ldap and it is working like a
charm (over LDAPS though).
Frankly, debugging and working with Kerberos has been a nightmare...