On 4/8/19 11:35 AM, Giulio Casella via FreeIPA-users wrote:
which is the correct way to add a replication segment between two server
(just one of them has CA role)?
I tried with "ipa topologysegment-add" and dragging it in the UI, but I
got "right node does not support suffix 'ca'".
Thanks in advance,
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
you need to run the CA install on the replica:
(replica)$ kinit admin
For more information, please see the man page for ipa-ca-install(1):
In a domain at domain level 1, ipa-ca-install can be used to upgrade
from CA-less to CA-full or to install the CA service on a replica, and
does not require any replica file.