Description of problem:
dsconf accepts the "replica-id" option when setting a hub or a consumer.
The replica configuration entry is correctly created ( replicaID is set to 65535 ).

It would nice to prevent users setting the replicaID for hub and consumer roles because the value is set automatically anyway.
Customers could try creating hubs and consumers using a replicaID different of 65535.

Version-Release number of selected component (if applicable):
$ rpm -qa | grep 389-ds-base-1
389-ds-base-1.4.3.22-1.module+el8dsrv+10501+8ce33e95.x86_64
$

How reproducible:
Always.

Steps to Reproduce:
1. Try to create a consumer using a replicaID different of 65535:
$ dsconf -v -D "cn=Directory Manager" ldap://localhost:1389 replication enable --suffix="dc=test,dc=com" --role="consumer"  --replica-id=1

2. Check the actual configured value:
$ dsconf -D "cn=Directory Manager" ldap://localhost:1389 replication get --suffix="dc=test,dc=com" | grep -i replicaIDEnter password for cn=Directory Manager on ldap://localhost:1389:
nsDS5ReplicaId: 65535
$

Actual results:
One can pass the parameter "replica-id" to dsconf when creating hubs or consumers.

Expected results:
Don't allow to set the "replica-id" manually for hubs and consumers.

Additional info:

$ dsconf -v -D "cn=Directory Manager" ldap://localhost:1389 replication enable --suffix="dc=test,dc=com" --role="consumer"  --replica-id=1
DEBUG: The 389 Directory Server Configuration Tool
...
DEBUG: Checking "None" under None : {'cn': 'changelog5', 'nsslapd-changelogdir': '/var/lib/dirsrv/slapd-alps9/changelogdb'}
DEBUG: Validated dn cn=changelog5,cn=config
DEBUG: Creating cn=changelog5,cn=config
DEBUG: updating dn: cn=changelog5,cn=config
DEBUG: updated dn: cn=changelog5,cn=config with {'objectclass': [b'top', b'nsChangelogConfig']}
DEBUG: updating dn: cn=changelog5,cn=config
DEBUG: updated dn: cn=changelog5,cn=config with {'cn': [b'changelog5'], 'nsslapd-changelogdir': [b'/var/lib/dirsrv/slapd-alps9/changelogdb']}
DEBUG: Checking "None" under cn=mapping tree,cn=config : {'cn': 'replica', 'nsDS5ReplicaRoot': 'dc=test,dc=com', 'nsDS5Flags': '0', 'nsDS5ReplicaType': '2', 'nsDS5ReplicaId': '65535'}
DEBUG: Using first property cn: replica as rdn
DEBUG: _gen_selector filter = (&(&(objectclass=nsMappingTree))(|(cn=dc=test,dc=com)(nsslapd-backend=dc=test,dc=com)))
DEBUG: Validated dn cn=replica,cn=dc\3Dtest\2Cdc\3Dcom,cn=mapping tree,cn=config
DEBUG: Creating cn=replica,cn=dc\3Dtest\2Cdc\3Dcom,cn=mapping tree,cn=config
DEBUG: updating dn: cn=replica,cn=dc\3Dtest\2Cdc\3Dcom,cn=mapping tree,cn=config
DEBUG: updated dn: cn=replica,cn=dc\3Dtest\2Cdc\3Dcom,cn=mapping tree,cn=config with {'objectclass': [b'top', b'nsds5Replica']}
DEBUG: updating dn: cn=replica,cn=dc\3Dtest\2Cdc\3Dcom,cn=mapping tree,cn=config
DEBUG: updated dn: cn=replica,cn=dc\3Dtest\2Cdc\3Dcom,cn=mapping tree,cn=config with {'cn': [b'replica'], 'nsDS5ReplicaRoot': [b'dc=test,dc=com'], 'nsDS5Flags': [b'0'], 'nsDS5ReplicaType': [b'2'], 'nsDS5ReplicaId': [b'65535']}
DEBUG: Created entry cn=replica,cn=dc\3Dtest\2Cdc\3Dcom,cn=mapping tree,cn=config : {'objectclass': [b'top', b'nsds5Replica'], 'cn': [b'replica'], 'nsDS5ReplicaRoot': [b'dc=test,dc=com'], 'nsDS5Flags': [b'0'], 'nsDS5ReplicaType': [b'2'], 'nsDS5ReplicaId': [b'65535']}
INFO: Replication successfully enabled for "dc=test,dc=com"
INFO: Command successful.
$