On June 11, 2023 3:01:03 PM EDT, Mauricio Tavares <[email protected]> wrote: >I have two hosts; I will call them master (master.example.com) and >future replica (replica.example.com). Both master and future replica >are setup to use the same NTP servers. replica is currently >registered as a client to master; I am able to login as a realm user, >see my ticket using klist, and see the freeipa admin user. > >Before starting the replica install, I run the ipa-replica-conncheck >on both master and replica, setting the respective master and replica: > >[root@master ~]# /usr/sbin/ipa-replica-conncheck --replica replica.example.com >Check connection from master to remote replica 'replica.example.com': >Directory Service: Unsecure port (389): OK >Directory Service: Secure port (636): OK >Kerberos KDC: TCP (88): OK >Kerberos KDC: UDP (88): OK >Kerberos Kpasswd: TCP (464): OK >Kerberos Kpasswd: UDP (464): OK >HTTP Server: Unsecure port (80): OK >HTTP Server: Secure port (443): OK > >Connection from master to replica is OK. >[root@master ~]#` > >So far so good. >Based on https://www.freeipa.org/page/V4/NTP_Servers_Configuration#CLI, >I used the ipa-replica-install with the --no-ntp option because I did >not want the script to change the ntp settings. Here is the output: > >[root@replica ~]# ipa-replica-install --mkhomedir --no-ntp >Your system may be partly configured. >Run /usr/sbin/ipa-server-install --uninstall to clean up. > >NTP configuration cannot be updated during promotion >The ipa-replica-install command failed. See >/var/log/ipareplica-install.log for more information >[root@replica ~]# > >Why does it want to "update the ntp configuration" given the --no-ntp option?
I did some further investigating. Am I correct to assume the following lines (https://github.com/freeipa/freeipa/blob/master/ipaserver/install/server/replicainstall.py#L815-L818) cancel the install if I use --no-ntp? # The NTP configuration can not be touched on pre-installed client: if options.no_ntp or options.ntp_servers or options.ntp_pool: raise ScriptError( "NTP configuration cannot be updated during promotion") _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
