[Freeipa-users] [SOLVED] FreeIPA server has no UID range

Mon, 28 Jan 2019 11:03:20 -0800 

On 1/28/19 11:02 AM, Ian Pilcher wrote:

Many moons ago I migrated my home FreeIPA server from CentOS 6 to CentOS
7 via replication.  I've just tried to create a new user for the first
time since, and I hit:

   Operations error: Allocation of a new value for range cn=posix
   ids,cn=distributed numeric assignment plugin,cn=plugins,cn=config
   failed! Unable to proceed.

I've found a few old mailing list messages that explain the reason that
this happened, so I know that I need to create a "dnarange", but I
haven't found anything that shows me exactly how to do that, or what the
range should be.  (Since I only have a single server, I would think that
the default would be fine.)


This turned out to be straightforward, once I found this blog post:

  https://rcritten.wordpress.com/2015/01/05/freeipa-and-no-dna-range/

For posterity (for a single server setup):

[root@XXX conf.d]# ipa-replica-manage dnarange-show
XXX.YYY.ZZZ: No range set

[root@XXX conf.d]# ipa idrange-find
---------------
1 range matched
---------------
  Range name: YYY.ZZZ_id_range
  First Posix ID of the range: 1785200000
  Number of IDs in the range: 200000
  Range type: local domain range
----------------------------
Number of entries returned 1
----------------------------

[root@XXX conf.d]# ipa-replica-manage dnarange-set XXX.YYY.ZZZ \
    1785200000-$((1785200000+200000-1))

[root@XXX conf.d]# ipa-replica-manage dnarange-show
XXX.YYY.ZZZ: 1785200000-1785399999

And I can now create a user.

--
========================================================================
Ian Pilcher                                         arequip...@gmail.com
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org

Reply via email to