Thanks jochen for your response! So far, we could quite well identify whos the master and the replica and identify how and where we should re-initialize.
Still there is good news at our side, we could further identify an issue and by fixing that (see below) also remove the replica and reinstall it. We had to "isolate" the second server (it was still reachable by ICMP ping) and were then able to just execute "ipa-replica-manage del uspidm02.[domain].[tld] --force --cleanup" and afterwards add it again. After a small duplicate RUV issue (documented at https://access.redhat.com/solutions/2741521) we're now up again and have a running IdM setup. Still, at our end there's one question left: for now, we have different passwords for the "admin" user and the directory manager password. Is this normal? Or do we have a broken setup now? Best regards, Rolf Ps: here's what we did to fix our issue: 1. copied uspidm01 and run isolated (offline) tests => we could identify this way all is well 2. after already doing reboots on uspidm02 disconnected that server and removed it on uspidm01 via ipa-replica-manage 3. by this identified an error in hosts entry of uspidm01 (listing uspidm02 with a wrong ip conflicting DNS information) 4. reinstalled uspidm02 according documentation from redhat
Description: S/MIME cryptographic signature
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project