[Freeipa-devel] IPA 3.0 migrated to 4.1 users break winsync agreement when deleted in active directory
Andreas Calminder
andreas.calminder at nordnet.se
Wed Sep 9 08:50:55 UTC 2015
Forgot to write that deleting users in active directory not migrated
with the migrate-ds command works fine, it's only migrated users present
in the ad that breaks the winsync agreement on deletion.
On 09/09/2015 10:35 AM, Andreas Calminder wrote:
> Hi,
> I've asked in #freeipa on freenode but to no avail, figured I'll ask
> here as well, since I think I've actually hit a bug or (quite)
> possibly I've done something moronic configuration/migration -wise.
>
> I've got an existing FreeIPA 3.0.0 environment running with a fully
> functioning winsync agreement and passsync service with the windows
> environments active directory, I'm trying to migrate the 3.0.0
> environments users into a freshly installed 4.1 (rhel7) environment,
> after migration I setup a winsync agreement and make it
> bi-directional (one-way sync from windows) everything seems to be
> working alright until I delete a migrated user from the Active
> Directory, after the winsync picks up on the change it'll break and
> suggests a re-initialize. After the re-initialization the agreement
> seems to be fine, however the deleted user are still present in the
> ipa 4.1 environment and cannot be deleted. The webgui and ipa cli
> says: ipauser1: user not found. ipa user-find ipauser1 finds the user
> and it's visible in the ui.
>
> Anyone had the same problem or anything similar or any pointers on
> where to start looking?
>
> Regards,
> Andreas
>
More information about the Freeipa-devel
mailing list