[Freeipa-users] Dogtag reinitialization
Lucas Yamanishi
lyamanishi at sesda2.com
Wed Aug 8 20:19:22 UTC 2012
Is there any way to completely reinitialize the Dogtag instance atomically?
My PKI-IPA directory looks like this:
> ldapsearch -x -h localhost -p 7389 -D "cn=directory manager" -W -b 'o=ipaca' 'objectClass=*'
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base <o=ipaca> with scope subtree
> # filter: objectClass=*
> # requesting: ALL
> #
>
> # ipaca
> dn: o=ipaca
> objectClass: top
> objectClass: organization
> o: ipaca
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
It's like that on both my master and replica, and my backups don't go
back far enough. I think something happened during replica management,
but I'm not sure. I haven't used the full range of PKI features up to
this point, so this isn't a huge issue for me just yet. In any case, I
imagine it will become a big deal at some point, if not for my usage,
for management of the IPA instance as a whole.
So, how can I fix this? I do have the private key, if that's any use.
--
-----
*question everything*learn something*answer nothing*
------------
Lucas Yamanishi
------------------
Systems Administrator, ADNET Systems, Inc.
NASA Space and Earth Science Data Analysis (606.9)
7515 Mission Drive, Suite A100
Lanham, MD 20706 * 301-352-4646 * 0xE23F3D7A
More information about the Freeipa-users
mailing list