On 08/20/2015 11:05 AM, thierry bordaz wrote:
On 08/19/2015 06:28 PM, Martin Babinsky wrote:
On 08/19/2015 02:54 PM, Martin Babinsky wrote:
this patch prevents https://fedorahosted.org/freeipa/ticket/5234 from
happening.
Actually, we (myself, mbasti, jcholast) found out that `user-del
--preserve` could use some more usability improvements.
This quick patch should fix both
https://fedorahosted.org/freeipa/ticket/5234 and
https://fedorahosted.org/freeipa/ticket/5236 and make user
preservation operate on multiple arguments in a same way as plain
deletion.
Hi Martin,
This is curious it is looking like in my test the fix does not prevent
the deletion:
[root@vm-141 freeipa]# ipa user-del ttest1 --preserve
---------------------
Deleted user "ttest1"
---------------------
[root@vm-141 freeipa]# ipa user-del ttest1 --preserve
---------------------
Deleted user "ttest1"
---------------------
[root@vm-141 freeipa]# ipa user-find ttest1 --preserve=true
---------------
0 users matched
---------------
----------------------------
Number of entries returned 0
----------------------------
[20/Aug/2015:11:00:33 +0200] conn=124 op=9 MODRDN
dn="uid=ttest1,cn=users,cn=accounts,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
newrdn="uid=ttest1" newsuperior="cn=deleted
users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
[20/Aug/2015:11:00:33 +0200] conn=124 op=9 RESULT err=0 tag=109
nentries=0 etime=0
...
[20/Aug/2015:11:00:44 +0200] conn=125 op=14 SRCH
base="uid=ttest1,cn=deleted
users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
scope=0 filter="(objectClass=*)" attrs="distinguishedName"
[20/Aug/2015:11:00:44 +0200] conn=125 op=14 RESULT err=0 tag=101
nentries=1 etime=0
[20/Aug/2015:11:00:44 +0200] conn=125 op=15 DEL
dn="uid=ttest1,cn=deleted
users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
[20/Aug/2015:11:00:44 +0200] conn=125 op=15 RESULT *err=0* tag=107
nentries=0 etime=0
...
[20/Aug/2015:11:00:57 +0200] conn=126 op=5 SRCH base="cn=deleted
users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
scope=1
filter="(&(|(telephoneNumber=*ttest1*)(uid=*ttest1*)(title=*ttest1*)(sn=*ttest1*)(ou=*ttest1*)(givenName=*ttest1*))(objectClass=posixaccount))"
attrs="telephoneNumber sshpubkeyfp uid title loginShell uidNumber
gidNumber sn homeDirectory mail givenName nsAccountLock"
[20/Aug/2015:11:00:57 +0200] conn=126 op=5 RESULT err=0 tag=101
*nentries=0* etime=0
Hi Martin,
Sorry I did a mistake in my tests.. retesting it
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
