[Freeipa-users] Re: ERR: ID value too large

Alexander Bokovoy via FreeIPA-users Mon, 06 Aug 2018 05:09:34 -0700

On ma, 06 elo 2018, Роман Гинович via FreeIPA-users wrote:

I'm try add extra range, but get error.

ipa idrange-add DOMAIN_id_range_extra --base-id=10000 --range-size=10000 
--rid-base=500000 --secondary-rid-base=510000 --type=ipa-local
ipa: ERROR: Constraint violation: New base range overlaps with existing base 
range.

ipa idrange-add DOMAIN_id_range_extra --base-id=10000 --range-size=10000 
--rid-base=200000000 --secondary-rid-base=200020000 --type=ipa-local
ipa: ERROR: Constraint violation: New base range overlaps with existing base 
range.


My current id range covers all existing users.

ipa idrange-find
---------------
1 range matched
---------------
 Range name: DOMAIN_id_range
 First Posix ID of the range: 10000
 Number of IDs in the range: 10000
 First RID of the corresponding RID range: 1000
 First RID of the secondary RID range: 100000000
 Range type: local domain range
------------------------------
Количество вернутых значений 1
------------------------------

ldapsearch -h freeipa.domain -x -D 'cn=Directory Manager' -b "cn=accounts,dc=domain" -W 
'(uid=*)' | grep -E "(uid|gid)"Number | awk '{print $2}' | sort | uniq | sort -n
Enter LDAP Password:
10000
10001
10007
...
10161
10164
10165


When i run ipa-adtrust-install i get error - "ID value too large"

Can you show exact error message?

I found this code in source:

if (uid_number >= UINT32_MAX || gid_number >= UINT32_MAX) {
LOG_FATAL("ID value too large.\n");
ret = LDAP_CONSTRAINT_VIOLATION;
goto done;
}


How i can get this error if my uid/gid in range 10000-10165?



--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/message/CFOTOY5RH5WXRQYJC32KY4WW3M6UI75P/

[Freeipa-users] Re: ERR: ID value too large

Reply via email to