15 Apr
2020
15 Apr
'20
4:29 a.m.
On ke, 15 huhti 2020, Alexandru David via FreeIPA-users wrote:
On ti, 14 huhti 2020, Alexandru David via FreeIPA-users wrote:
So, any particular reason why you chose that realm/domain?
this is important. The realm is fixed forever, and primary domain is fixed to be the same as the realm. In your replica deployment and other logs provided somehow your realm is EXAMPLE.COM while original realm is IPAMASTER01.EXAMPLE.COM.
Why are you using the first master's machine's hostname as a domain and realm here?
Because both IPA and AD are deployed in same domain.
This is not supported.
Either you move IPA into a subdomain of AD DNS zone or it is not really doable without hacks that would break you horribly going forward.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland