[Freeipa-users] Change user login name? (uid in LDAP)

[Rob Crittenden]

Will Sheldon wrote:
>
> Hello all :)
>
> We have an internal process that requires the renaming of users from
> time to time (user gets married, changes name). This requires changing
> the "login name” as it’s called in the GUI, (or uid in LDAP).
>
> There doesn’t currently appear to be any method for doing so other than
> to delete the user and create a new one, then update the uidNumber and
> gidNumber to the old values using the ipa modify-user command.
>
> Is there a better way? I’ve looked through all the docs and hunted
> through the mailing list archives but can’t find anything...
>
>
> W.

I'm not really a GUI guy but you can do it on the CLI using the --rename 
option (I forget when we added this but it's in 3.0+):

Here I'll add a single woman named Sarah Robertson who finds Mr. Right 
and takes his name, Jacobs.

$ ipa user-add --first=Sarah --last=Robertson sroberts
---------------------
Added user "sroberts"
---------------------
   User login: sroberts
   First name: Sarah
   Last name: Robertson
   Full name: Sarah Robertson
   Display name: Sarah Robertson
   Initials: SR
   Home directory: /home/sroberts
   GECOS field: Sarah Robertson
   Login shell: /bin/sh
   Kerberos principal: sroberts at EXAMPLE.COM
   Email address: sroberts at example.com
   UID: 1717600001
   GID: 1717600001
   Password: False
   Kerberos keys available: False
$ ipa user-mod --rename=sjacobs sroberts
------------------------
Modified user "sroberts"
------------------------
   User login: sjacobs
   First name: Sarah
   Last name: Roberts
   Home directory: /home/sroberts
   Login shell: /bin/sh
   Email address: sroberts at example.com
   UID: 1717600001
   GID: 1717600001
   Account disabled: False
   Password: False
   Member of groups: ipausers
   Kerberos keys available: False

Note that there are a bunch of values left to be updated including the 
last name, GECOS, Full Name and potentially homedir and e-mail addr.

rob