Hello, Patch for the following ticket to add note in documentation about bad uid ranges: https://fedorahosted.org/freeipa/ticket/2090
Thanks, Gabe
From ad9af09ef2250c497d75a53846539328df865578 Mon Sep 17 00:00:00 2001 From: Gabe <[email protected]> Date: Mon, 21 Apr 2014 17:13:13 -0600 Subject: [PATCH] [DOC] Sometimes users set bad uid ranges https://fedorahosted.org/freeipa/ticket/2090 --- src/user_guide/en-US/Users.xml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/user_guide/en-US/Users.xml b/src/user_guide/en-US/Users.xml index a260855b8742b5738c4660beaa400c7e73666c6e..833274342f33331651000a92c34620377d95050f 100644 --- a/src/user_guide/en-US/Users.xml +++ b/src/user_guide/en-US/Users.xml @@ -1053,7 +1053,18 @@ Disabling Plugin</screen> range is depleted so that less than 100 IDs are available, it can contact one of the available servers for a new range allotment. A special extended operation splits the range in two, so that the original server and the replica each have half of the available range. </para> - + <note> + <title>NOTE</title> + <para> + It is possible for an administrator to define an ID number range — which means that it is possible for an administrator to define a <emphasis>bad</emphasis> range. + </para> + <para condition="fedora"> + &OS; reserves all UID/GID numbers below 1000 for system use. SSSD treats all UID/GID numbers below 1000 as local system accounts. If an administrator sets the ID range to start at 500 to interact with a legacy application (for example), then user accounts assigned an ID number below 1000 will be unable to log in, because their user account is not recognized by SSSD. + </para> + <para condition="redhat"> + &RHEL; reserves all UID/GID numbers below 1000 for system use. SSSD treats all UID/GID numbers below 1000 as local system accounts. If an administrator sets the ID range to start at 500 to interact with a legacy application (for example), then user accounts assigned an ID number below 1000 will be unable to log in, because their user account is not recognized by SSSD. + </para> + </note> </section> <section id="Assigning_UIDs_and_GIDs-Adding_New_Ranges"> -- 1.9.0
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
