[Freeipa-users] minimum UIDs and GIDs
Simo Sorce
ssorce at redhat.com
Wed Oct 8 15:50:01 UTC 2008
On Wed, 2008-10-08 at 16:26 +0100, Nick Gresham wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I'm a systems administrator at the University of Manchester currently
> trialling FreeIPA as an authentication solution for a group of
> workstations and HPC machines.
>
> Generally speaking, I am very impressed, but I was wondering if there
> would be a way of setting minimum values for UIDs and GIDs of new users
> and groups respectively, so as to keep IPA-generated values from
> colliding with pre-existing accounts on machines that we are trying to
> make into FreeIPA clients?
Yes, currently it requires a change in the dna plugin configuration.
You can change the attribute 'dnaNextValue' in these 2 ldap entries:
cn=Accounts,cn=Posix,cn=ipa-dna,cn=plugins,cn=config
cn=Groups,cn=Posix,cn=ipa-dna,cn=plugins,cn=config
You can do that online using the 'cn=Directory Manager' ldap user.
Simo.
More information about the Freeipa-users
mailing list