I have two hosts; I will call them master (master.example.com) and future replica (replica.example.com). Both master and future replica are setup to use the same NTP servers. replica is currently registered as a client to master; I am able to login as a realm user, see my ticket using klist, and see the freeipa admin user.
Before starting the replica install, I run the ipa-replica-conncheck on both master and replica, setting the respective master and replica: [root@master ~]# /usr/sbin/ipa-replica-conncheck --replica replica.example.com Check connection from master to remote replica 'replica.example.com': Directory Service: Unsecure port (389): OK Directory Service: Secure port (636): OK Kerberos KDC: TCP (88): OK Kerberos KDC: UDP (88): OK Kerberos Kpasswd: TCP (464): OK Kerberos Kpasswd: UDP (464): OK HTTP Server: Unsecure port (80): OK HTTP Server: Secure port (443): OK Connection from master to replica is OK. [root@master ~]#` So far so good. Based on https://www.freeipa.org/page/V4/NTP_Servers_Configuration#CLI, I used the ipa-replica-install with the --no-ntp option because I did not want the script to change the ntp settings. Here is the output: [root@replica ~]# ipa-replica-install --mkhomedir --no-ntp Your system may be partly configured. Run /usr/sbin/ipa-server-install --uninstall to clean up. NTP configuration cannot be updated during promotion The ipa-replica-install command failed. See /var/log/ipareplica-install.log for more information [root@replica ~]# Why does it want to "update the ntp configuration" given the --no-ntp option? _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
