Simon Matthews via FreeIPA-users wrote:
> Simon Matthews via FreeIPA-users wrote:
>
> I'm lost. What users did you delete? A basic IPA installation contains
> only one user: admin. And that is a required account.
>
> The process you're following is to create a bind account in IPA. This is
> done by tweaking the ldif on the wiki page to match your environment.
>
> You need to carefully check that the dc values match what your
> installation has (see basedn in /etc/ipa/default.conf).
>
> rob
Thanks for your reply.

There were a couple of users that I ensured that I did not delete. "admin" was
one of them. I deleted them because I am tweaking a script to import the users and some
users did not get fields such as email addresses properly set.

From /etc/ipa/default.conf:
basedn = dc=ipa,dc=bluepearlsoftware,dc=com
The ldif file:
dn: uid=httpbind,cn=sysaccounts,cn=etc,dc=ipa,dc=bluepearlsoftware,dc=com
changetype: add
objectclass: account
objectclass: simplesecurityobject
uid: httpbind
userPassword: ohaimakethissimethingtoughtobreak
passwordExpirationTime: 20380119031407Z
nsIdleTimeout: 0

Exact command I am running and the full output:
ldapmodify -h ipa1.sj.bps -p 389 -f /tmp/dm.ldif
SASL/GSSAPI authentication started
SASL username: admin@IPA.BLUEPEARLSOFTWARE.COM
SASL SSF: 256
SASL data security layer installed.
modifying entry
"uid=httpbind,cn=sysaccounts,cn=etc,dc=ipa,dc=bluepearlsoftware,dc=comchangetype:
addobjectclass: accountobjectclass: simplesecurityobjectuid: httpbinduserPassword:
ohaimakethissimethingtoughtobreakpasswordExpirationTime: 20380119031407ZnsIdleTimeout:
0"
ldap_modify: No such object (32)

Remove the leading spaces on all the lines. A leading space is a
continuation marker in LDIF so the contents are being treated as a
single line.

rob
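
Added example, not part of the original thread: a small Python check that reproduces the line folding described above and flags indented lines that look like swallowed attribute lines before the file is passed to ldapmodify. The function names, the placeholder password and the handling of an indented first line are assumptions of this example; the sample input is constructed from the entry in the thread.

```python
import re

# Start of an "attr: value" or "attr:: base64" line.
ATTR_LINE = re.compile(r"^([A-Za-z][A-Za-z0-9;.-]*)::? ")

def unfold(text):
    """Join physical lines into logical lines the way LDIF folding works."""
    logical = []
    for raw in text.splitlines():
        if raw.startswith(" ") and logical:
            logical[-1] += raw[1:]           # continuation: drop exactly one space
        else:
            logical.append(raw.lstrip(" "))  # indented first line: this example's choice
    return logical

def suspicious_continuations(text):
    """Return (line_number, attribute) for lines that begin with a space but
    whose content looks like an attribute line of its own."""
    hits = []
    for n, raw in enumerate(text.splitlines(), start=1):
        if raw.startswith(" "):
            m = ATTR_LINE.match(raw.lstrip(" "))
            if m:
                hits.append((n, m.group(1)))
    return hits

# Constructed sample: the entry from the thread, every line indented by one
# space, with a placeholder instead of a real password.
ENTRY = [
    "dn: uid=httpbind,cn=sysaccounts,cn=etc,dc=ipa,dc=bluepearlsoftware,dc=com",
    "changetype: add",
    "objectclass: account",
    "objectclass: simplesecurityobject",
    "uid: httpbind",
    "userPassword: EXAMPLE-PLACEHOLDER",
    "passwordExpirationTime: 20380119031407Z",
    "nsIdleTimeout: 0",
]
INDENTED = "\n".join(" " + line for line in ENTRY)
FIXED = "\n".join(ENTRY)

if __name__ == "__main__":
    print(unfold(INDENTED))                    # a single logical line
    print(suspicious_continuations(INDENTED))  # every line is flagged
    print(len(unfold(FIXED)))                  # one logical line per attribute
```

A legitimately folded long value is not flagged unless its continuation happens to start with something shaped like `name: `, so treat the result as a warning to review rather than a hard failure.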