0

I use FreeIPA on a server, a Centos Server 8 (a main and replica). This is used to authenticate system users, for logon purposes by using SSH key authentication, and also hosting DNS name records. A particular instance had issues with contacting the main FreeeIPA server which seemingly could not obtain the proper token to allow a user to log in. As part of troubleshooting, I attempted to remove this system from IPA membership and re-enroll. On the client machine, I ran the command ipa server-del <IPA FQDN> which seems to have permanently deleted the IPA server service itself from the topology. Fresh access to the IPA HTTP portal is denied, new machines cannot be added to IPA, nor can new users. An existing HTTP session I had, kept working and I tried re-adding whatever records I could to replicate the working setup, but this could not be completed in any way. I have no recent backup of the IPA system and it seems that my action is irreversible, given that the main DNS service has been deleted. The only solution that seems to possibly work is to reinstall the service by using ipa server-add although this is also complaining that IPA server is already configured on this system. If you want to reinstall the IPA server, please uninstall it first using ipa-serrver-install --uninstall.

I want to keep my host, users, and all other settings. I tried to take a current backup which reflects the broken DNS. With the reinstall and restoration of this backup, I still have the same problem as before. Is there any way I can reinstall the service while keeping hosts/groups/users intact, but restoring the main DNS topology?

0

You must log in to answer this question.

Browse other questions tagged .