[Freeipa-users] unable to add user in freeIPA 4.2.3 using the web UI
Alexander Bokovoy
abokovoy at redhat.com
Fri Jan 8 16:49:07 UTC 2016
On Fri, 08 Jan 2016, Karl Forner wrote:
>Ok.
>
>I read a work-around on https://blog-rcritten.rhcloud.com/?p=50
>
>It says that if one has figured out a safe new range for the replica, the
>range could be set using:
>
>ldapmodify -x -D 'cn=Directory Manager' -W
>Enter LDAP Password:
>dn: cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
>changetype: modify
>replace: dnaNextValue
>dnaNextValue: 1689700000
>-
>replace: dnaMaxValue
>dnaMaxValue: 1689799999
>^D
>
>modifying entry "cn=Posix IDs,cn=Distributed Numeric Assignment
>Plugin,cn=plugins,cn=config"
>
>
>I suppose this can be dangerous, but would you consider it as a
>work-around, or should it be avoided at all means ?
Rob is one of FreeIPA project original developers and he wrote this
code, so he knows it well. To derive dnaMaxValue/dnaNextValue you need to
consult older server's data, if it is still available (in
/etc/dirsrv/slapd-INSTANCE/dse.ldif).
At worst you'd need to back out the change if things would work.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list