Khurrum Maqb via FreeIPA-users wrote:
Thank you! That worked:
Running `kdestroy -A` allowed me to set the dnaNextRange on ServerA to 0-0.
Then I set ServerC to 104608142-104799999. The replica did NOT install after that and
failed in the same way, but running the `ldapmodify` command to manually set the
default-smb-group allowed the replica, serverRL, to successfully install.
The range is VERY strange. Due to the strangeness, would it make sense to create a new
range and assign it to the newly created replica as a DNARange?
ie, `ipa idrange-add IDM.EXAMPLE.COM_new_range --base-id=100000000 --range-size=200000`
and then `ipa-replica-manage dnarange-set
serverRL.sub.example.com 100000000-100010000`
IPA ranges are a strange beast. There is no real connection between a
local IDM range and DNA other than they happen to cover the same number
space. Adding a new range won't affect the DNA configuration.
I wonder if the range on the other two servers are way too small to
split. It may be worth it to dig through your entries to determine a
more even split between them and then manually fix things.
You should be able to get away with some overlap with already
provisioned ids, the DNA plugin should handle that, but I'm not one to
press my luck so if you can pick new ranges w/o overlapping existing
values I'd go that route.
rob