...

1. ssh to ssh-proxy in your tenancy
2. ssh using DNS to the new LDAP machine
3. Run sudo ipactl status → verify the services are all up and running
4. From Morpheus go to Provisioning → Instances and deploy a new machine to test the enrollment to LDAP DNS is working correctly with the new LDAP machine.

Known possible errors

DNA range issue

After the IPA Migration, especially from Centos7 to Rocky9, there might be still some possible errors, like the one below:

...

ipa-replica-manage dnarange-show

ipa command line of WebUI access is denied, with an HTTP error 401

You could identify this error during tests or enrloment, after the migration from Centos7 to Rocky8.

1. SSH to the LDAP machine
2. become root
3. Run the following 

   Code Block
   python3 /usr/libexec/ipa/oddjob/org.freeipa.server.config-enable-sid --add-sids

4. finally kinit with the admin user and try to run ipa commands to verify it works

Resource: https://access.redhat.com/solutions/7052125