[Freeipa-users] Error when adding new users via UI:
Martin Kosek
mkosek at redhat.com
Tue May 24 14:15:43 UTC 2016
On 05/24/2016 04:07 PM, Rob Crittenden wrote:
> Traiano Welcome wrote:
>> Hi
>>
>> I have IPA server 4,2 running on centos 7
>> (ipa-server-4.2.0-15.el7.centos.3.x86_64).
>>
>> This morning, after many months of stable operation, I tried to add a
>> user and got this error via the web interface:
>>
>> ---
>> Operations error: Allocation of a new value for range cn=posix
>> ids,cn=distributed numeric assignment plugin,cn=plugins,cn=config
>> failed! Unable to proceed.
>> ---
>>
>> So basically, can't add any new users.
>>
>> Would anyone know how I can troubleshoot this kind of IPA error, or
>> possibly have come across and resolved it before ?
>
> At install a range of 100k id's is allocated to IPA. With each new master this
> range is divided in half. It appears you've exhausted one of the masters.
>
> What you need to do is take an inventory of what ranges (if any) are allocated
> to various masters then you should be able to move things around (this is
> assuming of course that you haven't exhausted the entire range).
>
> ipa-replica-manage list will give you a list of the IPA masters.
>
> ipa-replica-manage dnarange-show <master> and ipa-replica-manage
> dnanextrange-show <master> will help discover what is available.
>
> If you have things in nextrange then I'd start there with reallocation. Setting
> a next range of 0-0 removes the next range (e.g. make it available for a
> primary range).
>
> Take care when actually re-assigning ranges.
>
> rob
>
For the record, what currently did not work is when user is being added on a
master that does not have direct replication connect to other master with
available range.
This is improved from FreeIPA 4.3.1+:
https://fedorahosted.org/freeipa/ticket/4026
Martin
More information about the Freeipa-users
mailing list