Hello, I'm having trouble to set the IPA domain level to 1.
When I run the command: ipa domainlevel-set 1 ipa: ERROR: Domain Level cannot be raised to 1, existing replication conflicts have to be resolved. At the moment we have just two IPA server. I have tried to uninstall all replicas, keeping only first ipa master, but the same error occurred. While running only one IPA server without any replica, I used ipa-replica-manage list-ruv and clean-ruv to delete all RUVs, but was still unable to raise the domain level. OS: RHEL 7.3, updated to last IPA version ipa-server-4.4.0-14. First version of IPA server installed was on RHEL 7.2, then updated to RHEL 7.3. This is described in RHBA-2017:0089-1 Previously, if an Identity Management (IdM) upgrade ran simultaneously on multiple servers, replication conflict entries were sometimes generated in the "cn=topology" subtree. So if I understand it right, there is a new check implemented which prevents raising domain level when this happens. So my question is what can I do to get rid of "conflict entries" and raise domain level ? Thanks, Jan Karásek _______________________________________________ FreeIPA-users mailing list -- firstname.lastname@example.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org