Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=837366

Changing 3.2 priority

freeipa-devel mail archive thread: https://www.redhat.com/archives/freeipa-devel/2013-January/msg00213.html

master: 076775a

ipa-3-1: 572c3bb

Design page link is not relevant and should be removed as their is no design for what was done or steps to verify what was done.

The link is there because all RFEs require a design. In this case the design is so painfully trivial it isn't worthy of writing up, hence the V3 minor design reference.

Ana, I think if you include the bit of samples from the patch discussion on freeipa-devel that will satisfy the reproduction steps. Perhaps include that in the V3 minor page as well.

Here is some more information/context.

Prior to this change, it was possible to delete the replica containing the only CA/DNS from the replication topology. This patch introduces appropriate errors/warnings when this is attempted.

Below are the steps to verify the change. I have also updated the V3 Minor Enhancements page to include a clearer description of what was done.

Steps to verify:

A. For CA
1. Install IPA server
2. Create a replica without CA
3. Try to delete the server (ipa-replica-manage del server.example.com)

Deletion should abort, as it is not allowed to delete the only CA in the topology.

B. For DNS
1. Install IPA server with DNS
2. Create a replica without DNS
3. Try to delete the server (ipa-replica-manage del server.example.com)

A message should be displayed, warning the user that this is the last DNS in the topology. User confirmation should be required in order to proceed, unless the --force option is specified.