[Freeipa-users] Why not unix UIDs (numbers and range)

Dmitri Pal dpal at redhat.com
Mon May 23 21:31:41 UTC 2011 

On 05/23/2011 05:09 PM, Steven Jones wrote:
> um so I thought there was a 65k limit?
>

The UID is at least 32 bit on the modern systems as far as I recall and
has been this way for quite some time.

> I have way more numerals than that.
>
> Also I need to pick up that UID from somewhere as its part of a users identify in the identity managment system we have....how would I go about sucking that out of IPA after the account is provisioned?

you can get user info via CLI or LDAP.

But you can also provide yours as explicit arguments to user creation.
If you do the entry will be created with the UID and GID you want though
you would have to make sure there is no duplication yourself.

We have couple tickets that will help with detection and explanation of
this situation.
https://fedorahosted.org/freeipa/ticket/1183 (doc)
https://fedorahosted.org/freeipa/ticket/341
https://fedorahosted.org/freeipa/ticket/1231

> regards
>
> Steven
> ________________________________________
> From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Stephen Gallagher [sgallagh at redhat.com]
> Sent: Monday, 23 May 2011 11:23 p.m.
> To: freeipa-users at redhat.com
> Subject: Re: [Freeipa-users] Why not unix UIDs (numbers and range)
>
> On Mon, 2011-05-23 at 04:42 +0000, Steven Jones wrote:
>> Hi,
>>
>> Why doesnt IPA use std unix UIDs? and how does that translate into Unix permissions on a client if it does not?
>>
>> BTW neat install, under 10mins and its up!
>
> FreeIPA does use standard UNIX UIDs and GIDs. By default, however,
> they're generated automatically behind the scenes so that the
> administrator doesn't need to manage them. FreeIPA does this so it can
> ensure that there are no duplicate IDs in the system, which is a common
> problem in unmanaged LDAP environments.
>
> On the various client machines, you can see that the users have UIDs and
> GIDs by performing 'getent passwd <username>'.
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

More information about the Freeipa-users mailing list