During a replica CA installation, the initial replication step may fail if there is too much time skew because the server and replica.
The replica installer already takes care of this for the replication of the domain suffix but the replica CA installer does not set nssldapd-ignore-time-skew to on.
Cloned from https://issues.redhat.com/browse/RHEL-27856 'Unable to log in as uid=admin-replica.testrealm.test,ou=people,o=ipaca' during replica install
Metadata Update from @frenaud: - Custom field rhbz adjusted to https://issues.redhat.com/browse/RHEL-27856, https://issues.redhat.com/browse/RHEL-49592
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/7450
master:
ipa-4-12:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.