[Freeipa-devel] User Life Cycle: enforce ipaUniqueID generation by the server
thierry bordaz
tbordaz at redhat.com
Tue Jun 17 18:43:45 UTC 2014
On 06/17/2014 08:39 PM, Simo Sorce wrote:
> On Tue, 2014-06-17 at 17:59 +0200, thierry bordaz wrote:
>> * ipa stageuser-add <login> --from-delete
>>
>> It moves a deleted entry to staging container where
>>
>> uidNumber: <unchanged, so it is preserved from the
>> prevous active account>
>> gidNumber: <unchanged, so it is preserved from the
>> prevous active account>
>> ipaUniqueID: autogenerate (reset to autogenerate)
> Why are you resetting the unique id ?
I can not activate a stage user that already has ipaUniqueID. The UUID
IPA plugin rejects adding such entry.
It is not strictly necessary to reset this value when moving the entry
Delete to Staging. But later 'Staging' to 'Active' (stageuser-activate)
it is required.
>
>> description: __no_upg__ (to show there is no managed
>> group)
>> nsAccountLock: True
>
More information about the Freeipa-devel
mailing list