Hi Rob, once again thank you for your time and effort following up on this.
First and regarding the --skip-conncheck the answer is no, I'm not using skip conncheck. The process I'm using to add the replica is: 1. ipa-client-install 2. on ns1 add ns3 to ipaservers group 3. ipa-replica-install --setup-ca --setup-dns --forwarder=208.67.222.222 (we use OpenDNS as global forwarder with forward only policy) Regarding the version error, I investigated a little further to discover that ns2 was having a replication disagreement with ns1, so I ran `ipa topologysegment-reinitialize' and fixed that. After doing so I restarted the process. I came across the same error. I also checked the logs for dirsrv again. I'm putting the results on pastebin I believe it will be easier to read, hope you don't mind. from NS3 ipareplica-install: https://pastebin.com/Ymehai80 from dirsrv logs: https://pastebin.com/PEVraXL4 I included the log from all the servers. Thank you rm _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
