Khurrum Maqb via FreeIPA-users wrote:
> Thank you! That worked:
>
> Running `kdestroy -A` allowed me to set the dnaNextRange on ServerA to 0-0.
> Then I set ServerC to 104608142-10479. The replica did NOT install after
> that and failed in the same way, but running the `ldapmodify` command to
> manually set the default-smb-group allowed the replica, serverRL, to
> successfully install.
>
> The range is VERY strange. Due to the strangeness, would it make sense to
> create a new range and assign it to the newly created replica as a DNARange?
> ie, `ipa idrange-add IDM.EXAMPLE.COM_new_range --base-id=1
> --range-size=20`
> and then `ipa-replica-manage dnarange-set serverRL.sub.example.com
> 1-10001`
>
IPA ranges are a strange beast. There is no real connection between a
local IDM range and DNA other than they happen to cover the same number
space. Adding a new range won't affect the DNA configuration.
I wonder if the range on the other two servers are way too small to
split. It may be worth it to dig through your entries to determine a
more even split between them and then manually fix things.
You should be able to get away with some overlap with already
provisioned ids, the DNA plugin should handle that, but I'm not one to
press my luck so if you can pick new ranges w/o overlapping existing
values I'd go that route.
rob
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
