Hey Rob,
Yes, it was an attempt to see if I can "fix" the issue. The problem was there
even before I added the new range. We have only a handful of users, most of them managed
independently UID/GID wise.
A bit more information below, if it helps:
[root@equator ~]# ipa idrange-find
----------------
2 ranges matched
----------------
Range name: REDACTED-DOMAIN.COM_id_range
First Posix ID of the range: 1138400000
Number of IDs in the range: 200000
Range type: local domain range
Range name: REDACTED-DOMAIN.COM_new_range
First Posix ID of the range: 1138700000
Number of IDs in the range: 20000
Range type: local domain range
----------------------------
Number of entries returned 2
----------------------------
[root@equator ~]# ipa-replica-manage dnarange-show
exact.redacted-domain.com: 1138400006-1138400010
alien.redacted-domain.com: 1138500000-1138599999
mentor.redacted-domain.com: No range set
equator.redacted-domain.com: 1138400011-1138499999
bingo.redacted-domain.com: No range set
I've no idea what's wrong actually... I split the initial range across a few
members since I will be removing server "exact" next (via dnarange-set).
Thx,
Andrei.