On Nov 5, 2019, at 2:25 AM, Florence Blanc-Renaud via FreeIPA-users <freeipa-users@lists.fedorahosted.org<mailto:freeipa-users@lists.fedorahosted.org>> wrote:
As a general rule, we recommend rebuilding from an existing replica, rather than using backup-restore. Right. Our strategy is * all of our systems are VMs. We take snapshots periodically. So in a failure we would start from a snapshot rather than trying to restore in some way. You could then reinitialize the data from another replica * installing a replica seems to be more reliable than it used to be. I’ve been playing with IPA on Centos 8. I’ve found that remove and recreating replicas works fine, even after errors, though before creating a replica after deleting it, I look through the configuration file and remove some old info before reinstalling. My experience with replicas is documented at https://github.com/clhedrick/kerberos/wiki/Setting-up-new-server-%28replica%29-in-an-existing-system#Clearing_remains_of_old_servers * In general you should be able take a VM snapshot and start it. however I’ve noticed a tendency for /etc/dirsrv/slapd-NAME/dse.ldif to be missing. I now copy this file somewhere safe every few minutes with a cron job.
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
