Thanks Rob! New certs are all replicated and all IPA services are started on all 6 servers. I can perform 'ipa cert-show 1' on all 6 and get the expected result.
As a sanity check I did run the ipa-healthcheck on all 6 servers. One of them came back fine, the other 5 returned [ { "source": "ipahealthcheck.ipa.dna", "kw": { "msg": "No DNA range defined. If no masters define a range then users and groups cannot be created.", "range_start": 0, "next_start": 0, "next_max": 0, "range_max": 0 }, "uuid": "70636197-0b3e-4424-b509-1aa7f8be084d", "duration": "0.706384", "when": "20240405170045Z", "check": "IPADNARangeCheck", "result": "WARNING" } ] Now it's just a WARNING, and since the one didn't return it (they're all denoted as MASTER) maybe it's okay? -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue