[Freeipa-devel] User Life Cycle: enforce ipaUniqueID generation by the server
thierry bordaz
tbordaz at redhat.com
Mon Jun 16 12:54:23 UTC 2014
Hello,
When a stage user is activate (ipa stageuse-activate), UUID plugin
(DS) checks that the ipaUniqueID value of the new active user is
'autogenerate'.
This is useful to prevent a provisioning systems to create Active
user with invalid ipaUniqueID.
Now one of the workflow step is to move a Delete user into the Stage
container. In that case the Stage entry contains a ipaUniqueID and
can not activate.
A possibility is to 'reset' the ipaUniqueID value to 'autogenerate'
during that step but I wonder it it is valid to reset it.
Also, is it valid to reset it and keep others values like
uidNumber/gidNumber ?
thanks
thierry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140616/20dfc81b/attachment.htm>
More information about the Freeipa-devel
mailing list