To elaborate further, the authentication request works on the secondary IPA server, but I am immediately greeted with this WSGI error screen.



On Thu, Jun 29, 2017 at 3:47 PM, Jason Hensley <jhensley@subfx.net> wrote:
Hello,

  I have setup a pair of FreeIPA 4.5.2 servers.  One via ipa-server-install, the other via ipa-replica-install.  I have tried them both as trust controllers and I have tried them in a controller/agent setup.

  My problem is that no AD users can login to the self service UI on the secondary IPA server.  Is this by design, or is it merely a bug?  I can provide more details/logs/configs on request.

 Thanks,
Jason