On ke, 15 huhti 2020, Alexandru David via FreeIPA-users wrote:
> On ti, 14 huhti 2020, Alexandru David via FreeIPA-users wrote:
>
> So, any particular reason why you chose that realm/domain?
>
> this is important. The realm is fixed forever, and primary domain is
> fixed to be the same as the realm. In your replica deployment and other
> logs provided somehow your realm is
EXAMPLE.COM while original realm is
>
IPAMASTER01.EXAMPLE.COM.
>
> Why are you using the first master's machine's hostname as a domain and
> realm here?
Because both IPA and AD are deployed in same domain.
This is not supported.
Either you move IPA into a subdomain of AD DNS zone or it is not really
doable without hacks that would break you horribly going forward.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland