[Freeipa-users] missing member in group
Dmitri Pal
dpal at redhat.com
Mon Feb 18 05:16:33 UTC 2013
On 02/17/2013 03:55 PM, Jan-Frode Myklebust wrote:
> On Sun, Feb 17, 2013 at 09:48:10PM +0100, Jan-Frode Myklebust wrote:
>> (Sun Feb 17 21:40:07 2013) [sssd[be[IPALDAP]]] [sdap_fill_memberships] (7): member #2 (uid=emilb,cn=users,cn=accounts,dc=example,dc=net): not found!
>>
> <snip>
>
>> This user was migrated saturday, using:
>>
>> ipa migrate-ds --user-ignore-objectclass=ldapPublic Key --user-ignore-attribute=sshPublicKey --user-container=ou=People --group-cont ou=Groups ldap://sim1.example.net:389 --with-compat
>>
>> I don't know what --with-compat does, but it migrate-ds seemed to require it
>> this time. Earlier migrations hasn't needed it..
>>
> I see now that all the users I migrated saturday are logged as "not
> found!". Maybe they need to log in and get fully migrated before they
> show up in the groups? (We're running IPA in migration mode).
>
>
> -jf
Please do the ldap search of the user and post it here.
I bet some attribute or object class is missing.
But SSSD should see users that are just migrated.
Did you use migrate-ds or loaded LDIF manually?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list