Re: [Freeipa-users] getting rid of private groups
-Original Message- From: Rob Crittenden [mailto:rcrit...@redhat.com] Sent: Monday, November 10, 2014 3:14 PM To: Craig White; freeipa-users@redhat.com Subject: Re: [Freeipa-users] getting rid of private groups Craig White wrote: > Trying to learn to live without private groups. > > > > I imported a bunch of users from OpenLDAP and that was good. > > > > I created about 4 users and the private groups show up in odd places > and I don't want them. The private groups offer little value since the > bulk of the imported users don't have them anyway. > > > > I have done... > > > > ipa-managed-entries -e "UPG Definition" disable > > ipa-managed-entries -e "NGP Definition" disable > > > > ldapmodify -Y GSSAPI > > dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX > > changetype: modify > > replace: originfilter > > originfilter: (objectclass=disabled) > > > > and restarted dirsrv but they are still showing - and I can't delete > them ;-( > > > > ipa group-del test > > ipa: ERROR: Deleting a managed group is not allowed. It must be > detached first. > > > > In the 'stash' application, I am trying to obscure them with an LDAP > filter but that isn't working either > > (&(objectclass=posixGroup)(!(objectclass=mepManagedEntry))) > > > > How can I get rid of the these private groups? $ ipa group-detach test $ ipa group-del test A BGO ! (blinding glimpse of the obvious) ;-) As you can tell, I did research it. Thanks Rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] getting rid of private groups
Craig White wrote: > Trying to learn to live without private groups. > > > > I imported a bunch of users from OpenLDAP and that was good. > > > > I created about 4 users and the private groups show up in odd places and > I dont want them. The private groups offer little value since the bulk > of the imported users dont have them anyway. > > > > I have done > > > > ipa-managed-entries -e "UPG Definition" disable > > ipa-managed-entries -e "NGP Definition" disable > > > > ldapmodify -Y GSSAPI > > dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX > > changetype: modify > > replace: originfilter > > originfilter: (objectclass=disabled) > > > > and restarted dirsrv but they are still showing and I cant delete > them ;-( > > > > ipa group-del test > > ipa: ERROR: Deleting a managed group is not allowed. It must be detached > first. > > > > In the stash application, I am trying to obscure them with an LDAP > filter but that isnt working either > > (&(objectclass=posixGroup)(!(objectclass=mepManagedEntry))) > > > > How can I get rid of the these private groups? $ ipa group-detach test $ ipa group-del test rob -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
[Freeipa-users] getting rid of private groups
Trying to learn to live without private groups. I imported a bunch of users from OpenLDAP and that was good. I created about 4 users and the private groups show up in odd places and I don't want them. The private groups offer little value since the bulk of the imported users don't have them anyway. I have done... ipa-managed-entries -e "UPG Definition" disable ipa-managed-entries -e "NGP Definition" disable ldapmodify -Y GSSAPI dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX changetype: modify replace: originfilter originfilter: (objectclass=disabled) and restarted dirsrv but they are still showing - and I can't delete them ;-( ipa group-del test ipa: ERROR: Deleting a managed group is not allowed. It must be detached first. In the 'stash' application, I am trying to obscure them with an LDAP filter but that isn't working either (&(objectclass=posixGroup)(!(objectclass=mepManagedEntry))) How can I get rid of the these private groups? Craig White System Administrator O 623-201-8179 M 602-377-9752 [cid:image001.png@01CF86FE.42D51630] SkyTouch Technology 4225 E. Windrose Dr. Phoenix, AZ 85032 -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
