Bug 831526 - Replica removal steps are not right and dangerous
Replica removal steps are not right and dangerous
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: doc-Identity_Management_Guide (Show other bugs)
Unspecified Unspecified
unspecified Severity high
: rc
: ---
Assigned To: Deon Ballard
: Documentation
Depends On:
  Show dependency treegraph
Reported: 2012-06-13 04:50 EDT by Martin Kosek
Modified: 2012-06-27 09:28 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-06-27 09:28:10 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Martin Kosek 2012-06-13 04:50:24 EDT
Description of problem:

Replica removal steps in this link:


contain an invalid and dangerous Step 3 - running the set of "ipa-replica-manage del SERVER" removes  all replication agreements and data about SERVER, which will practically disable all installed replicas but the one it is running on.

I assume that originally this should have been an "ipa-replica-manage disconnect SERVER" command.

Since a part of "ipa-replica-manage del SERVER" command is a connection to all active replicas and removing agreements between such replica and deleted SERVER, I think these steps should be enough:

3) On another IPA server, remove all replication agreements and data about the replica:
[root@ipaserver ~]# ipa-replica-manage del replica.example.com

4) Uninstall the replica.
[root@replica ~]# ipa-server-install --uninstall -U
Comment 2 Martin Kosek 2012-06-13 05:20:22 EDT
We should also probably add a note about ipa-csreplica-manage which can be used to remove replication agreements for the CA Directory Server instance - if the replica has a CA configured.
Comment 5 John Skeoch 2012-06-27 01:27:11 EDT
Verified the information in Comment#0 and #2 has been incorperated into the guide:



Note You need to log in before you can comment on or make changes to this bug.