> Now any idea why the original '$gecos' inserts the actual string $gecos
> into FreeIPA/LDAP?

It's a shell issue: single quotes prevent any argument expansion; use
double quotes.

Sure, but using just double quotes, $gecos is still added to the FreeIPA record. I can at least import it with "'$gecos'", but the script then imports the single quotes as a part of the record.

We also noticed if a NIS user has a middle initial the script errors with:
ipa: ERROR: command 'user_add' takes at most 1 argument

So is there some escape character or something that works around this that isn't documented? I don't see anything with ipa help user-add.


> Logs also spit out this warning after every user is added: 
> Failed to set perms (3140) on file (/run/ipa/ccaches/admin@OURDOMAIN.EDU)!,

I added a comment to issue 7032 (https://pagure.io/freeipa/issue/7032#comment-713784); not sure if this is still a "won't fix" issue?
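
The quoting forms discussed in this thread, as an added example that is not part of the original messages or of the migration script. It assumes a constructed passwd entry and a hypothetical `show_args` stand-in for the real command, and shows the argument vector each quoting style produces, including how an unquoted name with a middle initial splits into extra arguments.

```shell
#!/bin/sh
# Constructed NIS passwd entry (sample data, not taken from the thread).
SAMPLE='jdoe:x:1001:1001:John Q Doe:/home/jdoe:/bin/bash'

# Hypothetical stand-in for the real command: prints how many arguments
# it received, then each argument in brackets, so quoting is visible.
show_args() {
    printf '%s' "$#"
    for a in "$@"; do printf ' [%s]' "$a"; done
    printf '\n'
}

# Extract the GECOS field (5th colon-separated field) from a passwd line.
gecos_of() {
    printf '%s\n' "$1" | cut -d: -f5
}

# Pass the same GECOS value using each quoting style from the thread.
demo() {
    gecos=$(gecos_of "$SAMPLE")
    login=jdoe
    case "$1" in
        # Single quotes: no expansion, the literal text $gecos is passed.
        single)   show_args "$login" --gecos='$gecos' ;;
        # Double quotes: expanded, and kept as one argument.
        double)   show_args "$login" --gecos="$gecos" ;;
        # No quotes: expanded, then split on whitespace into extra arguments.
        unquoted) show_args "$login" --gecos=$gecos ;;
        # Single quotes inside double quotes: expanded, quotes become data.
        nested)   show_args "$login" --gecos="'$gecos'" ;;
    esac
}

for mode in single double unquoted nested; do
    printf '%-9s %s\n' "$mode" "$(demo "$mode")"
done
```

Swapping `show_args` in front of a command line inside a script is a quick way to see exactly which arguments that line would hand to the program.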