[Freeipa-users] deleting ipa user
Ludwig Krispenz
lkrispen at redhat.com
Wed Apr 29 14:58:41 UTC 2015
On 04/29/2015 04:49 PM, Andy Thompson wrote:
>> -----Original Message-----
>> From: Ludwig Krispenz [mailto:lkrispen at redhat.com]
>> Sent: Wednesday, April 29, 2015 10:51 AM
>> To: Andy Thompson
>> Cc: thierry bordaz; Martin Kosek; freeipa-users at redhat.com
>> Subject: Re: [Freeipa-users] deleting ipa user
>>
>> did you run the searches as directory manager ?
>>
> Yep sure did
that's weird, as directory manager you should be able to see the
nscpentrywsi attribute, could you paste your full search request ?
>
>
>
>> On 04/29/2015 04:34 PM, Andy Thompson wrote:
>>>> -----Original Message-----
>>>> From: Ludwig Krispenz [mailto:lkrispen at redhat.com]
>>>> Sent: Wednesday, April 29, 2015 10:28 AM
>>>> To: Andy Thompson
>>>> Cc: thierry bordaz; Martin Kosek; freeipa-users at redhat.com
>>>> Subject: Re: [Freeipa-users] deleting ipa user
>>>>
>>>> can you do the followin search on both servers ?
>>>>
>>>> ldapsearch -LLL -o ldif-wrap=no -h xxx p xxx -x -D "cn=directory
>>>> manager" - w xxx -b "dc=xxx.... "
>>>> "(&(objectclass=nstombstone)(nsuniqueid=7e1a1f87-e82611e4-
>> 99f1b343-
>>>> f0abc1a8))"
>>>> nscpentrywsi | grep -i objectClass
>>> The server that I initially attempted the deletion on returns nothing.
>>> The second server (the one currently throwing the consumer failed
>>> replay error) returns this if I remove the nscpentrywsi attribute
>>> filter. If I leave the attribute filter I don't get anything
>>>
>>> objectClass: posixgroup
>>> objectClass: ipaobject
>>> objectClass: mepManagedEntry
>>> objectClass: top
>>> objectClass: nsTombstone
>>>
>>> -andy
More information about the Freeipa-users
mailing list