I'm having trouble to set the IPA domain level to 1.
When I run the command:
ipa domainlevel-set 1
ipa: ERROR: Domain Level cannot be raised to 1, existing replication conflicts
have to be resolved.
At the moment we have just two IPA server.
I have tried to uninstall all replicas, keeping only first ipa master, but the
same error occurred.
While running only one IPA server without any replica, I used
ipa-replica-manage list-ruv and clean-ruv to delete all RUVs, but was still
unable to raise the domain level.
OS: RHEL 7.3, updated to last IPA version ipa-server-4.4.0-14.
First version of IPA server installed was on RHEL 7.2, then updated to RHEL 7.3.
This is described in RHBA-2017:0089-1
Previously, if an Identity Management (IdM) upgrade ran simultaneously on
multiple servers, replication conflict entries were sometimes generated in the
So if I understand it right, there is a new check implemented which prevents
raising domain level when this happens.
So my question is what can I do to get rid of "conflict entries" and raise
domain level ?
FreeIPA-users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org