On Tue, 2014-06-17 at 20:43 +0200, thierry bordaz wrote: > On 06/17/2014 08:39 PM, Simo Sorce wrote: > > On Tue, 2014-06-17 at 17:59 +0200, thierry bordaz wrote: > >> * ipa stageuser-add <login> --from-delete > >> > >> It moves a deleted entry to staging container where > >> > >> uidNumber: <unchanged, so it is preserved from the > >> prevous active account> > >> gidNumber: <unchanged, so it is preserved from the > >> prevous active account> > >> ipaUniqueID: autogenerate (reset to autogenerate) > > Why are you resetting the unique id ? > I can not activate a stage user that already has ipaUniqueID. The UUID > IPA plugin rejects adding such entry. > It is not strictly necessary to reset this value when moving the entry > Delete to Staging. But later 'Staging' to 'Active' (stageuser-activate) > it is required.
If someone keys something around the ipaUniqueID you cannot lose it. I wonder if we can allow setting a ipauniqueID instead of refusing, I forgot why we refuse to set values though. Maybe we can relax and just count on uniqueness plugin to reject if there is a conflict. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
