On Sun, 2011-10-16 at 22:55 +0200, Sigbjorn Lie wrote:
> Hi,
> When I attempt to create a automember rule, I get an error message "ipa: 
> ERROR: Auto Membership is not configured".
> [root@ipa01 ~]# ipa automember-add --type=group s_serviceaccounts
> ipa: ERROR: Auto Membership is not configured
> [root@lieipa01 ~]# ipa group-add --desc="Developers" devel
> -------------------
> Added group "devel"
> -------------------
>    Group name: devel
>    Description: Developers
>    GID: 698600064
> [root@ipa01 ~]# ipa automember-add --type=group devel
> ipa: ERROR: Auto Membership is not configured
> [root@ipa01 ~]#
> I found the container for the automember by using "# ipa env"
>    container_automember: cn=automember,cn=etc
> This container does not exist in my LDAP tree. I cannot find any 
> documentation mentioning any requirement to create this container 
> manually, and I cannot find any reported bug related to this issue.
> Is this a bug, or have I missed something?
> Regards,
> Siggi

Hi Sigbjorn,

This functionality requires data in cn=automember,cn=etc as you have
already correctly found. Unfortunately, they are only filled during
fresh installs and not during upgrades. I filed a BZ for this issue:


If you want to try this feature, you can either try a fresh install or
add the data from /usr/share/ipa/automember.ldif to your LDAP server (of
course, $SUFFIX needs to be expanded).


Freeipa-users mailing list

Reply via email to