Hi Daryl,
please always reply to the list.
On Wed, 20 Apr 2016, Daryl Fonseca-Holt wrote:
On 04/20/16 11:10, Alexander Bokovoy wrote:
On Wed, 20 Apr 2016, Daryl Fonseca-Holt wrote:
After doing a yum update on April 14 we are experiencing this
error on an ipa
user-add:
ipa: ERROR: missing attribute "nisMapName" required by object class
"nisMap"
The /var/log/ipaupgrade.log is too large to attach but I didn't
see any obvious
errors in it.
After the update the versions are:
ipa-server-4.2.0-15.el7_2.6.1.x86_64
389-ds-base-1.3.4.0-29
The dirsrv instance log has this error:
[19/Apr/2016:09:48:44 -0500] - Entry
"uid=testuser,cn=users,cn=accounts,dc=uofmt1" missing attribute
"nisMapName" required by object class "nisMap"
Default user object classes do not include nisMap object class. Did you
add that yourself?
Yes, in a misguided attempt to get an NIS map to work. I'll remove it.
That fixed the problem. ipa user-add is working again!
Default group objectclasses: top, ipaobject, groupofnames,
ipausergroup, nestedgroup
Default user objectclasses: ipaobject, person, top, ipasshuser,
inetorgperson, umanitobaPerson, organizationalperson,
krbticketpolicyaux, krbprincipalaux, nisMap, inetuser, posixaccount
As I suspected, nisMap is in the default user object classes. Never add
it there :)
Thanks for your expertise! After I removed the nisMap from the user
object classes the user-add started working again.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
