[Freeipa-users] EXTERNAL: Re: Can't delete group because it states it's not found

[Rob Crittenden]

Joseph, Matthew (EXP) wrote:
> Hey Rob,
> 
> So I did the following command;
> 
> Ldapdelete -D "cn=Directory Manager" -h server_name -p 389 "cn=group_name,cn=groups,cn=accounts,dc=domain,dc=ca" and it comes back with the following;
> Ldap_delete: No such object
> 
> I also tried replacing the group_name with the nsuniqueid and still the same results.

I'd need more details on what you did. You already know the group by
it's name doesn't exist otherwise IPA would have been able to delete it.

The point is to use the --all --raw flags to get the actual DN of the
group entry and delete that.

rob

> 
> Matt
> 
> -----Original Message-----
> From: Rob Crittenden [mailto:rcritten at redhat.com] 
> Sent: Tuesday, April 14, 2015 12:01 PM
> To: Joseph, Matthew (EXP); freeipa-users at redhat.com
> Subject: EXTERNAL: Re: [Freeipa-users] Can't delete group because it states it's not found
> 
> Joseph, Matthew (EXP) wrote:
>> Hello,
>>
>>  
>>
>> I'm trying to delete a group in IdM but when I do a ipa group-del
>> "group" it states the following;
>>
>> Ipa: ERROR: "group": group not found
>>
>>  
>>
>> I do an ipa group-find and it displays the group with the current memebers.
>>
>>  
>>
>> I look in the WebgUI and I can see the group in there but it has no
>> information. If I try to view the group or delete it from there it again
>> states that the group is not found.
>>
>>  
>>
>> Anyone see this before?
> 
> Run ipa group-show --all --raw <groupname> and look at the dn value. It
> may be a replication conflict entry. You'd need to delete that manually
> using something like ldapdelete.
> 
> rob
>