Hi, On Mon, Apr 22, 2024 at 12:58 PM LHEUREUX Bernard via FreeIPA-users < [email protected]> wrote:
> Hello, > > > > I’m trying to delete some anchors on Default Trust View on a FreeIPA with > trust to an AD and, I always get the message “…@... user not found » > > Effectively those users are no longer part of the organization and have > been removed from the AD, but how could I clean them in the Default Trust > View > > Thanks for your help. > You can use the SID format to delete the idoverride user. For instance, in my deployment I have setup an idoverrideuser for [email protected] and then deleted the entry from Active Directory. If I try to directly remove the idoverrideuser: #* ipa idoverrideuser-del "Default Trust View" [email protected]* ipa: ERROR: [email protected]: user not found But I can find the SID format for the override with: #* ipa idoverrideuser-find "Default Trust View" --all --raw* -------------------------- 1 User ID override matched -------------------------- dn: ipaanchoruuid=:SID:S-1-5-21-3461337807-2625513185-2631243145-1108,cn=Default Trust View,cn=views,cn=accounts,dc=ipa,dc=test ipaanchoruuid: *:SID:S-1-5-21-3461337807-2625513185-2631243145-1108* ipaoriginaluid: *[email protected]* objectClass: ipaOverrideAnchor objectClass: top objectClass: ipaUserOverride objectClass: ipasshuser objectClass: ipaSshGroupOfPubKeys ---------------------------- Number of entries returned 1 ---------------------------- and then use this format to remove the idoverride user: # *ipa idoverrideuser-del "Default Trust View" ":SID:S-1-5-21-3461337807-2625513185-2631243145-1108"* ------------------------------------------------------------------------------ Deleted User ID override ":SID:S-1-5-21-3461337807-2625513185-2631243145-1108" ------------------------------------------------------------------------------ HTH, flo > > > --- > > Bernard Lheureux > > Win S.A. > > > > ------------------------------ > 1/Conformément à notre certification ISO 27001, ce message et toute pièce > jointe sont la propriété exclusive de Win. L’information contenue dans cet > e- mail peut s’avérer confidentielle et dès lors protégée de toute > divulgation. Si vous avez reçu cette communication par erreur, veuillez > nous en informer immédiatement en répondant à ce message et en le > supprimant de votre ordinateur, sans le copier ni le divulguer. > 2/L’acceptation de toute offre commerciale (quel qu’en soit le support) > emporte l’adhésion aux descriptifs (notamment techniques) inhérents aux > solutions offertes, ainsi qu’aux conditions commerciales générales de Win, > consultables via https://www.win.be/cgv > DISCLAIMER : https://www.win.be/fr-win/disclaimer.htm > -- > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
-- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
