Hi,
Is your IPA server configured as domain level 0 or domain level 1?
If level 0, the replica installation is done in 2 steps, the preparation of
a replica file on the master, and then the installation of the replica
using this replica file.
If level 1, there is no preparation step for a replica file.
To get the current domain level:
ipa *domainlevel-get*
flo
On Mon, Feb 6, 2023 at 8:32 AM Bryan Fang via FreeIPA-users <
freeipa-users(a)lists.fedorahosted.org> wrote:
Hi folks,
hope you are doing well, in case of dealing with domain level 0, when run
ipa-replica-install, i have to provide gpg file as one of parameters, and
cannot use --dirsrv-cert-file etc. together with gpg file
'You cannot specify any of --dirsrv-cert-file, --http-cert-file, or
--pkinit-cert-file together with replica file'
as your suggestion I run ipa-client-install firstly, all certificates
should be placed correctly, then when I run ipa-replica-install file.gpg
-d, then get below error message
ipapython.admintool: DEBUG The ipa-replica-install command failed,
exception: ScriptError: IPA client is already configured on this system.
Please uninstall it first before configuring the replica, using
'ipa-client-install --uninstall'.
ipapython.admintool: ERROR IPA client is already configured on this
system.
but certificate issue if I uninstall ipa-client, how to solve this issue?
thanks in advance!
Best regards,
Bryan
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue