So in our environment, we had 3 freeipa 4.9.11 servers (ipa4, ipa5, ipa6) in a replicated setup, DL1, and a couple weeks ago, something happened that broke the replication between the three of them. We were able to get ipa6 up and running and accepting clients, so we shut down ipa4 and ipa5 and removed all replication agreements, ruvs, and topology segments related to ipa4 and ipa5. We are trying to clean up ipa6 before attempting to stand up new replicas, and we are stuck on this one problem: when running ipa-healthcheck, it complains that the time skew is over 24 hours, specifically it is 30145 days off, a bit over 82 years. ipa6 ~ $ ipa-healthcheck [ { "source": "ipahealthcheck.ds.dse", "check": "DSECheck", "result": "CRITICAL", "uuid": "ecc2c131-b86a-4851-a156-c304d77ebb0b", "when": "20230822183329Z", "duration": "0.012828", "kw": { "key": "DSSKEWLE0003", "items": [ "Replication", "dc=DOMAIN,dc=DOMAIN,dc=DOMAIN", "Time Skew", "Skew: 30145 days, 2 hours, 20 minutes, 16 seconds" ], "msg": "The time skew is over 24 hours. Setting nsslapd-ignore-time-skew\nto \"on\" on each replica will allow replication to continue, but if the\ntime skew continues to increase other serious replication problems can\noccur." } I was able to find mention of this method to correct time skew issues:https://www.port389.org/docs/389ds/howto/howto-fix-and-reset-time-... , but since we are now running on a single node with no replicas, I dont see how that would help. How is it even possible to have a skew in time between replicas if there are no replicas? Thanks, Kevin