[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Freeipa-users] Change UID range

Title: Re: [Freeipa-users] Change UID range
On 06/13/2011 06:34 PM, Stamper, Brian P. (ARC-D)[Logyx LLC] wrote:

It’s enough of an issue that I’d spend the 1-2 hours to reinstall my server and 1 client.  I just find it really odd that the default would be so high.  I’m all for avoiding conflicts, but I can’t think of too many systems that would have a billion users.  The help on the server installer says the idstart is random.  I’d rather skip 1000 UIDs than 1.3 billion, I just find the numbers unwieldy.  Browsing the web, it looks like the default is random between 1m and 2^31.  I’d just prefer it be in the 4-6 digit range, as I do still use UIDs numerically on occasion.

I have no issue with the default being what it is, most people may not care what their UID range actually is.  I just want to know if it can be changed manually or if I have to reinstall.  I’m still in an evaluation phase with a testing system anyway, so I’ll just add it to my notes when I deploy to something I might use in production.

As far as I remember it is not possible to change after install as any first user is created using this setting.

We are heading into the era or multiple name spaces even inside one organization with all the virtualization and cloud. Though these numbers look odd it might actually be a good idea to use higher ranges to avoid conflicts between different environments down the road as there will be many different domains both IPA based as well as AD based in general case. It will be very hard to change the ranges later so leave yourself a bit of breathing room and think about you identity landscape 5-7 years from now. Wrong or limiting decisions now might lead to a lot of pain and costs down the road.



On 6/13/11 3:22 PM, "Steven Jones" <Steven Jones vuw ac nz> wrote:


The docs say they do this to try and avoid clashes with other organisations in case of a merger.

Another reason I can see is possibly Shiboleth (Federation) which I/we have to do. So is changing it that much of an issue?


From: freeipa-users-bounces redhat com [freeipa-users-bounces redhat com] on behalf of Stamper, Brian P. (ARC-D)[Logyx LLC] [brian p stamper nasa gov]
Sent: Tuesday, 14 June 2011 10:18 a.m.
To: freeipa-users redhat com
Subject: [Freeipa-users] Change UID range

After installing, I’ve noticed that my UIDs for freeipa start at 1.3 billion.  Now, this isn’t technically a problem, but it is ... Odd.  Is there a way to change this value after install, or am I stuck uninstalling and reinstalling with the --idstart value set to get this to a more reasonable number?


Freeipa-users mailing list
Freeipa-users redhat com

_______________________________________________ Freeipa-users mailing list Freeipa-users redhat com https://www.redhat.com/mailman/listinfo/freeipa-users

Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.

Looking to carve out IT costs?

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]