[Freeipa-users] tricky one in OpenLDAP migration, groups
Janelle
janellenicole80 at gmail.com
Wed Jan 13 16:10:02 UTC 2016
Might it be possible with a user-mod or group-add/group-mod to accomplish?
Just thinking outside the box I guess.
~J
On 1/13/16 7:59 AM, Rob Crittenden wrote:
> Janelle wrote:
>> Hello,
>>
>> This may not be possible, or if it is I am going to guess it is not
>> going to be easy. If I have an old OpenLDAP environment with users who
>> never had unique UIG/GID - in other words, the GID was not unique to a
>> user, instead it was some global group. Well, I was hoping to migrate
>> over the OpenLDAP domain to IPA, but at the same time create a private
>> group for each user. Just wondering if this might be possible?
>>
>> Example OpenLDAP
>> user=freddy (UID=13) , GID=123456(friday)
>>
>> After migration to IPA:
>> user= uid=13(freddy), gid=13(freddy), groups=123456(friday)
>>
>> Does that make sense?
> It does but it isn't possible today. In fact the migration won't create
> user private groups at all (though there is an RFE for that,
> https://fedorahosted.org/freeipa/ticket/4738 )
>
> I don't think this is an unreasonable request. It may be an extension of
> the above ticket, probably requiring a new option to deal with the
> existing primary group.
>
> rob
>
More information about the Freeipa-users
mailing list