On 24/11/16 17:14, lejeczek wrote:
hi
I see this:
2 ranges matched
----------------
Range name: xx.id_range
First Posix ID of the range: 1952400000
Number of IDs in the range: 200000
First RID of the corresponding RID range: 0
Domain SID of the trusted domain:
S-1-5-21-1144915091-2252175215-702530032
Range type: Active Directory domain range
Range name: xx.xx.xx.xx.x_id_range
First Posix ID of the range: 1875000000
Number of IDs in the range: 200000
First RID of the corresponding RID range: 1000
First RID of the secondary RID range: 100000000
Range type: local domain range
----------------------------
Number of entries returned 2
some time ago when I first set up IPA I migrated users
from samba3's ldap backend. Since then until today there
was no new users I needed to add but now I do.
First on the list range I think it is a remnant of AD
trust which does not exists any more (should it be removed?).
I'm not sure how to read those ranges info, one thing I
notice is that UIDs from migration are probably between
500 & 2000 and now if I supply uid manually to user-add
and gid (which is old Samba's domain users group) then
creation of new user succeeds.
Is this normal, expected?
mthx,
L
ok, solution(ldapmodify) to the problem:
https://www.redhat.com/archives/freeipa-users/2014-February/msg00246.html
but could some experts shed more light on it - I see that
some time ago(after migration/import) I actually created
manually a user:
$ id netdevadmin
uid=1875000006(netdevadmin) gid=1875000006(netdevadmin)
groups=1875000006(netdevadmin)
today, after ldapmodify I create a new user but uids seem to
come from (what?) a different range??
$ id appmgr
uid=3501(appmgr) gid=3501(appmgr) groups=3501(appmgr)
what's is happening?
regards
L
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project