Hi,

The difference between server and replica is crl generation role.

If you want to promote another server in topology to be a CRL master, you can look at https://www.freeipa.org/page/V4/Promotion_to_CRL_generation_master.

for the other part, I found this https://serverfault.com/questions/751815/how-does-ipa-client-know-when-ipa-fail-over-occurs-during-multi-master-set

On Mon, May 6, 2024 at 12:27 PM Dmitry Krasov via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote:

Hello.
just installed replica (ipa2.dom.loc), it seems works fine.

But how enrolled clients will know about this replica, if primary server will be down?
And how to make ipa2.dom.loc to work as primary server?
--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Regards

Rizwan Shaikh

He/Him/His

IM: rizwan