On Fri, 08 Jan 2016, Karl Forner wrote:
If you never added users through this IPA server, it has no subset of ID
range
allocated to IDs issued on this server. To obtain this subset, it needs
to talk back to the master on first allocation. Master is missing, thus
it couldn't talk to it.


thanks.

But if I understand, I just can not add any users from my replica ?
Does not it defeat the purpose of the replica as a failover server ?
Or obtaining the subset of IDs should be part of the process of setting-up
a replica ?
ID range is relatively scarce. We don't split it across multiple
replicas automatically because most of them will not be used to create
users and thus their sub-ranges will be wasted.

Documentation for the DNA plugin:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Configuration_Command_and_File_Reference/dna-attributes.html

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to