Hi,
Is your IPA server configured as domain level 0 or domain level 1? If level 0, the replica installation is done in 2 steps, the preparation of a replica file on the master, and then the installation of the replica using this replica file. If level 1, there is no preparation step for a replica file.
To get the current domain level:
ipa *domainlevel-get*
flo
On Mon, Feb 6, 2023 at 8:32 AM Bryan Fang via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote:
Hi folks, hope you are doing well, in case of dealing with domain level 0, when run ipa-replica-install, i have to provide gpg file as one of parameters, and cannot use --dirsrv-cert-file etc. together with gpg file 'You cannot specify any of --dirsrv-cert-file, --http-cert-file, or --pkinit-cert-file together with replica file' as your suggestion I run ipa-client-install firstly, all certificates should be placed correctly, then when I run ipa-replica-install file.gpg -d, then get below error message ipapython.admintool: DEBUG The ipa-replica-install command failed, exception: ScriptError: IPA client is already configured on this system. Please uninstall it first before configuring the replica, using 'ipa-client-install --uninstall'. ipapython.admintool: ERROR IPA client is already configured on this system.
but certificate issue if I uninstall ipa-client, how to solve this issue? thanks in advance! Best regards, Bryan _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahoste... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue