Bug 831526 - Replica removal steps are not right and dangerous
Replica removal steps are not right and dangerous
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: doc-Identity_Management_Guide (Show other bugs)
6.4
Unspecified Unspecified
unspecified Severity high
: rc
: ---
Assigned To: Deon Ballard
ecs-bugs
: Documentation
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-06-13 04:50 EDT by Martin Kosek
Modified: 2012-06-27 09:28 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-27 09:28:10 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Martin Kosek 2012-06-13 04:50:24 EDT
Description of problem:

Replica removal steps in this link:

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Identity_Management_Guide/removing-replica.html

contain an invalid and dangerous Step 3 - running the set of "ipa-replica-manage del SERVER" removes  all replication agreements and data about SERVER, which will practically disable all installed replicas but the one it is running on.

I assume that originally this should have been an "ipa-replica-manage disconnect SERVER" command.

Since a part of "ipa-replica-manage del SERVER" command is a connection to all active replicas and removing agreements between such replica and deleted SERVER, I think these steps should be enough:

3) On another IPA server, remove all replication agreements and data about the replica:
[root@ipaserver ~]# ipa-replica-manage del replica.example.com

4) Uninstall the replica.
[root@replica ~]# ipa-server-install --uninstall -U
Comment 2 Martin Kosek 2012-06-13 05:20:22 EDT
We should also probably add a note about ipa-csreplica-manage which can be used to remove replication agreements for the CA Directory Server instance - if the replica has a CA configured.
Comment 5 John Skeoch 2012-06-27 01:27:11 EDT
Verified the information in Comment#0 and #2 has been incorperated into the guide:

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/removing-replica.html

Red_Hat_Enterprise_Linux-Identity_Management_Guide-6-en-US-2.2.0-1

Note You need to log in before you can comment on or make changes to this bug.