[Freeipa-users] EXTERNAL: Re: Can't delete group because it states it's not found
Joseph, Matthew (EXP)
matthew.joseph at lmco.com
Tue Apr 14 17:48:12 UTC 2015
I tried to do the following command;
Ldapdelete -D "cn=Directory Manager" -h server_name -p 389 "cn=nsuniqueid_random_set_of_numbers,cn=groups,cn=accounts,dc=domain,dc=ca"
And I get the ldap_delete: no such object
Matt
-----Original Message-----
From: Rob Crittenden [mailto:rcritten at redhat.com]
Sent: Tuesday, April 14, 2015 2:32 PM
To: Joseph, Matthew (EXP); freeipa-users at redhat.com
Subject: Re: EXTERNAL: Re: [Freeipa-users] Can't delete group because it states it's not found
Joseph, Matthew (EXP) wrote:
> Hey Rob,
>
> So I did the following command;
>
> Ldapdelete -D "cn=Directory Manager" -h server_name -p 389 "cn=group_name,cn=groups,cn=accounts,dc=domain,dc=ca" and it comes back with the following;
> Ldap_delete: No such object
>
> I also tried replacing the group_name with the nsuniqueid and still the same results.
I'd need more details on what you did. You already know the group by
it's name doesn't exist otherwise IPA would have been able to delete it.
The point is to use the --all --raw flags to get the actual DN of the
group entry and delete that.
rob
>
> Matt
>
> -----Original Message-----
> From: Rob Crittenden [mailto:rcritten at redhat.com]
> Sent: Tuesday, April 14, 2015 12:01 PM
> To: Joseph, Matthew (EXP); freeipa-users at redhat.com
> Subject: EXTERNAL: Re: [Freeipa-users] Can't delete group because it states it's not found
>
> Joseph, Matthew (EXP) wrote:
>> Hello,
>>
>>
>>
>> I'm trying to delete a group in IdM but when I do a ipa group-del
>> "group" it states the following;
>>
>> Ipa: ERROR: "group": group not found
>>
>>
>>
>> I do an ipa group-find and it displays the group with the current memebers.
>>
>>
>>
>> I look in the WebgUI and I can see the group in there but it has no
>> information. If I try to view the group or delete it from there it again
>> states that the group is not found.
>>
>>
>>
>> Anyone see this before?
>
> Run ipa group-show --all --raw <groupname> and look at the dn value. It
> may be a replication conflict entry. You'd need to delete that manually
> using something like ldapdelete.
>
> rob
>
More information about the Freeipa-users
mailing list