[Freeipa-users] Duplicate objects after 4.1 ipa-server upgrade
Andrew Krause
andrew.krause at breakthroughfuel.com
Mon Nov 2 23:05:59 UTC 2015
After upgrading to 4.1 I have duplicated permission objects in my directory with names including nsuniqueid. Is it safe to delete all of these objects? Somehow this is only causing an issue for a specific user hitting a specific HBAC policy.
(Mon Nov 2 14:29:23 2015) [sssd[be[blue-shift.com]]] [hbac_eval_user_element] (0x0080): Parse error on [cn=Read PassSync Managers Configuration+nsuniqueid=4ae3220f-4d2b11e5-a06ffcc2-215714a9 …………..
(Mon Nov 2 14:29:23 2015) [sssd[be[blue-shift.com]]] [hbac_ctx_to_rules] (0x0020): Could not construct eval request
(Mon Nov 2 14:29:23 2015) [sssd[be[blue-shift.com]]] [ipa_hbac_evaluate_rules] (0x0020): Could not construct HBAC rules
This is causing authentication to fail for the user in question, and I would like to get rid of these useless objects if they are no longer necessary.
More information about the Freeipa-users
mailing list