[Freeipa-users] getting rid of private groups
Craig White
CWhite at skytouchtechnology.com
Mon Nov 10 22:16:48 UTC 2014
-----Original Message-----
From: Rob Crittenden [mailto:rcritten at redhat.com]
Sent: Monday, November 10, 2014 3:14 PM
To: Craig White; freeipa-users at redhat.com
Subject: Re: [Freeipa-users] getting rid of private groups
Craig White wrote:
> Trying to learn to live without private groups.
>
>
>
> I imported a bunch of users from OpenLDAP and that was good.
>
>
>
> I created about 4 users and the private groups show up in odd places
> and I don't want them. The private groups offer little value since the
> bulk of the imported users don't have them anyway.
>
>
>
> I have done...
>
>
>
> ipa-managed-entries -e "UPG Definition" disable
>
> ipa-managed-entries -e "NGP Definition" disable
>
>
>
> ldapmodify -Y GSSAPI
>
> dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
>
> changetype: modify
>
> replace: originfilter
>
> originfilter: (objectclass=disabled)
>
>
>
> and restarted dirsrv but they are still showing - and I can't delete
> them ;-(
>
>
>
> ipa group-del test
>
> ipa: ERROR: Deleting a managed group is not allowed. It must be
> detached first.
>
>
>
> In the 'stash' application, I am trying to obscure them with an LDAP
> filter but that isn't working either
>
> (&(objectclass=posixGroup)(!(objectclass=mepManagedEntry)))
>
>
>
> How can I get rid of the these private groups?
$ ipa group-detach test
$ ipa group-del test
----
A BGO ! (blinding glimpse of the obvious) ;-)
As you can tell, I did research it.
Thanks Rob
More information about the Freeipa-users
mailing list