I’ve mentioned problems setting up a replica. I just got it to work. The install ran cleanly. No sign of errors. However a couple of items ended up in LDAP on the replica, but didn’t get into the copies on the original 2 systems. krb4.cs.rutgers.edu<http://krb4.cs.rutgers.edu> is the new replica.
cn=krb4.cs.rutgers.edu<http://krb4.cs.rutgers.edu>,cn=masters,cn=ipa,cn=etc,dc=cs,dc=rutgers,dc=edu was missing all the IPA object classes, and ipaReplTopoManagedSuffix, ipaMinDomainLevel, and ipaMaxDomainLevel. cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,dc=cs,dc=rutgers,dc=edu was missing memberPrincipal: HTTP/krb4.cs.rutgers....@cs.rutgers.edu<mailto:HTTP/krb4.cs.rutgers....@cs.rutgers.edu> ipa topologysegment-show believed that the replication agreement between the new system and the one it was installed from was one-way (left-to-right), although it appears both replication agreements were in place and worked. I added the missing attributes, deleted the broken topology segment, deleted the replication agreement that wasn’t reflected in the topology, and then put back the topology segment. The system now appears to be working without error.
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org