<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 06/21/2012 01:10 PM, george he wrote:
<blockquote
cite="mid:1340305818.5219.YahooMailNeo@web120005.mail.ne1.yahoo.com"
type="cite">
<div style="color: rgb(0, 0, 0); background-color: rgb(255, 255,
255); font-family: times new roman,new york,times,serif;
font-size: 12pt;">
<div><span>it's x86_64 2.2.0-1.fc17.</span></div>
</div>
</blockquote>
<br>
rpm -qi 389-ds-base<br>
<br>
<blockquote
cite="mid:1340305818.5219.YahooMailNeo@web120005.mail.ne1.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff; font-family:times
new roman, new york, times, serif;font-size:12pt">
<div><span>Thanks,</span></div>
<div><span>George<br>
</span></div>
<div><br>
<blockquote style="border-left: 2px solid rgb(16, 16, 255);
margin-left: 5px; margin-top: 5px; padding-left: 5px;">
<div style="font-family: times new roman,new
york,times,serif; font-size: 12pt;">
<div style="font-family: times new roman,new
york,times,serif; font-size: 12pt;">
<div dir="ltr"> <font face="Arial" size="2">
<hr size="1"> <b><span style="font-weight: bold;">From:</span></b>
Rob Crittenden <a class="moz-txt-link-rfc2396E" href="mailto:rcritten@redhat.com"><rcritten@redhat.com></a><br>
<b><span style="font-weight: bold;">To:</span></b>
Rich Megginson <a class="moz-txt-link-rfc2396E" href="mailto:rmeggins@redhat.com"><rmeggins@redhat.com></a> <br>
<b><span style="font-weight: bold;">Cc:</span></b>
george he <a class="moz-txt-link-rfc2396E" href="mailto:george_he7@yahoo.com"><george_he7@yahoo.com></a>;
<a class="moz-txt-link-rfc2396E" href="mailto:freeipa-users@redhat.com">"freeipa-users@redhat.com"</a>
<a class="moz-txt-link-rfc2396E" href="mailto:freeipa-users@redhat.com"><freeipa-users@redhat.com></a> <br>
<b><span style="font-weight: bold;">Sent:</span></b>
Thursday, June 21, 2012 2:54 PM<br>
<b><span style="font-weight: bold;">Subject:</span></b>
Re: [Freeipa-users] ipa user-add<br>
</font> </div>
<br>
Rich Megginson wrote:<br>
> On 06/21/2012 12:25 PM, george he wrote:<br>
>> Hello all,<br>
>><br>
>> After the server and the client are installed,
I run<br>
>><br>
>> ipa user-add myname<br>
>><br>
>> to add users. The users are added successfully,
but each user get his<br>
>> own GID, which is the same as his UID, even
though "ipa config-show<br>
>> --all" shows<br>
>> Default users group: ipausers<br>
>><br>
>> How do I put all new users to this ipausers
group? If I use<br>
>> --gidnumber=INT, how to find out the GID of the
ipausers group?<br>
<br>
It would help to know what version and platform of IPA
you are using. <br>
The method differs by version.<br>
<br>
>><br>
>> I tried to delete a user using "ipa user-del
myname", but the private<br>
>> group myname is left there. So I did the
following:<br>
>><br>
>> # ipa group-del myname<br>
>> ipa: ERROR: Deleting a managed group is not
allowed. It must be<br>
>> detached first.<br>
>> # ipa group-detach myname<br>
>> ipa: ERROR: myname: group not found<br>
>> # ipa user-add myname<br>
>> First name: myfirstname<br>
>> Last name: mylastname<br>
>> ipa: ERROR: Unable to create private group. A
group 'myname' already<br>
>> exists.<br>
>><br>
>> How do I get out of this loop?<br>
><br>
> What is your platform and 389-ds-base version?<br>
><br>
> I'm not familiar with group-detach, but you can
manually detach and<br>
> remove the private group using ldapsearch and
ldapmodify:<br>
><br>
> assuming you have done kinit admin:<br>
> 1) ldapsearch -LLL -Y GSSAPI cn=myname dn<br>
> This will give you the DN of the group - ignore any
entries in the<br>
> compat tree<br>
><br>
> 2) ldapmodify -Y GSSAPI <<EOF<br>
> dn: DN of the group from ldapsearch<br>
> changetype: modify<br>
> delete: objectclass<br>
> objectclass: mepManagedEntry<br>
> -<br>
> delete: mepManagedBy<br>
> -<br>
><br>
> dn: DN of the group from ldapsearch<br>
> changetype: delete<br>
> EOF<br>
><br>
> This will remove the private group.<br>
>><br>
>> Thanks,<br>
>> George<br>
>><br>
>><br>
>><br>
>> _______________________________________________<br>
>> Freeipa-users mailing list<br>
>> <a moz-do-not-send="true"
ymailto="mailto:Freeipa-users@redhat.com"
href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a><br>
>> <a moz-do-not-send="true"
href="https://www.redhat.com/mailman/listinfo/freeipa-users"
target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
><br>
><br>
><br>
> _______________________________________________<br>
> Freeipa-users mailing list<br>
> <a moz-do-not-send="true"
ymailto="mailto:Freeipa-users@redhat.com"
href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a><br>
> <a moz-do-not-send="true"
href="https://www.redhat.com/mailman/listinfo/freeipa-users"
target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
<br>
<br>
<br>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
<br>
</body>
</html>