I have an eDirectory tree (IDM 4.8.4 with eDirectory 9.2.5) with EBA enabled. I've added new servers to the replica and am now looking into how to move the EBA CA role to decommission the old server. I've enabled EBA on the new servers, but haven't found any good documentation on moving the role. The only thing I've found so far is this section of the documentation https://www.netiq.com/documentation/edirectory-9/edir_admin/data/b1gyn37y.html which only deals with recovering from a lost server, not moving the role in a controlled manner, but How to move Master Partition in EBA enabled tree? seems to indicate that this is the only way?
I've also read through An incomplete look at Enhanced Background Authentication and other warnings about problems occurring if EBA isn't handled properly, so I'm asking if anybody here has experience in moving the EBA CA role?