On Mon, Jul 08, 2019 at 10:29:58AM -0400, Marc Boorshtein via FreeIPA-users wrote:
> Thanks Sumit,
>
>
> > But SSSD supports adding a new id-range with 'ipa idrange-add ....' the
> > name should be unique, e.g. the name of the other range of the AD domain
> > with a '_2' suffix. The --base-id can be directly on top of the end of
> > the existing id-range, the --rid-base is 200000 and --dom-sid and
> > --dom-name are the same as for the existing id-range.
> >
> >
> >
> When you say baseid can be directly on top of the end of the existing id
> range, does that mean it would be the baseid of the existing range + 200000?

Hi,

yes, the range will include the baseid (typically ending with '0') and
then then next 200000 IDs, so the last one will has a '9' at the end.
The next free one is baseid+200000.

Btw, there are various checks to make sure a new idrange does not
overlap with an existing one, 'ipa idrange-add' should return an error
in this case.

HTH

bye,
Sumit

> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org