[Freeipa-users] Adding RID base to existing range
Sumit Bose
sbose at redhat.com
Wed Mar 9 14:15:42 UTC 2016
On Wed, Mar 09, 2016 at 01:31:00PM +0000, Darren Poulson wrote:
> Hi,
>
> I’d tried that, but get this:
>
> [root at freeipa1-01 ~]# ipa idrange-mod <domain>_id_range --rid-base=1000
> ipa: ERROR: This command can not be used to change ID allocation for local
> IPA domain. Run `ipa help idrange` for more information
'ipa idrange-find' should show a second idrange with 'Range type: local
domain range'. Can you try if you can add the RID bases there?
bye,
Sumit
>
>
> Thanks,
>
> Darren.
>
>
> On 3/9/16, 9:45 AM, "freeipa-users-bounces at redhat.com on behalf of Sumit
> Bose" <freeipa-users-bounces at redhat.com on behalf of sbose at redhat.com>
> wrote:
>
> >On Wed, Mar 09, 2016 at 01:29:14AM +0000, Darren Poulson wrote:
> >> Hi,
> >>
> >> We¹re currently trying to set up an AD domain (great fun for a bunch of
> >> linux adminsŠ not) so that we can get authentication working with
> >>various
> >> bits of hardware that only support AD. We want this domain to trust our
> >> existing FreeIPA setup.
> >>
> >> When trying to ipa-adtrust-install I¹m getting:
> >>
> >> [10/22]: adding RID bases
> >> ipa : CRITICAL Found more than one local domain ID range with
> >>no RID
> >> base set.
> >>
> >> >From reading up, I need to have the id ranges configured with primary
> >>and
> >> secondary RIDs. Is there any way to do this, or do I have to delete and
> >
> >You can use 'ipa idrange-mod ...' to add the RID bases to existing
> >ranges.
> >
> >HTH
> >
> >bye,
> >Sumit
> >
> >> recreate the ranges? And if I do that, what are the implications?
> >>
> >> IPA 4.2.0 (CentOS 7)
> >> AD 2012R2
> >>
> >> Cheers,
> >>
> >> Darren.
> >>
> >>
> >>
> >
> >
> >
> >> --
> >> Manage your subscription for the Freeipa-users mailing list:
> >> https://www.redhat.com/mailman/listinfo/freeipa-users
> >> Go to http://freeipa.org for more info on the project
> >
> >--
> >Manage your subscription for the Freeipa-users mailing list:
> >https://www.redhat.com/mailman/listinfo/freeipa-users
> >Go to http://freeipa.org for more info on the project
> >
More information about the Freeipa-users
mailing list