On 05/09/2012 10:24 PM, Rob Crittenden wrote:
Sylvain Angers wrote:
Hello
Someone did delete the admin account by mistake, how can we recover from
this?

Fortunately there is nothing really special about the admin account except
that they are a member of the admins group, that is the important bit.

You can use ldapmodify to add another user into the admins group:

$ ldapmodify -x -D 'cn=directory manager' -W
dn: cn=admins,cn=groups,cn=accounts,dc=example,dc=com
changetype: modify
add: member
member: uid=youruser,cn=users,cn=accounts,dc=example,dc=com

^D

You can decide to re-create the admin user if you'd like.

We have a bug open to prevent the last member of the admins group to be removed.

I think we should document recovery procedure also:
https://fedorahosted.org/freeipa/ticket/2746

Petr^2 Spacek


rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to