The check is not done only if --noprivate option is supplied in user-add. But if "UPG definition" is disabled providing the option should not be necessary.
[root@test pvoborni]# ipa-managed-entries disable -e "UPG Definition" Directory Manager password: Disabling Plugin [root@test pvoborni]# systemctl restart dirsrv Failed to restart dirsrv.service: Unit dirsrv.service failed to load: No such file or directory. [root@test pvoborni]# systemctl restart dirsrv@EXAMPLE-COM.service [root@test pvoborni]# ipa group-mod ipausers --posix ------------------------- Modified group "ipausers" ------------------------- Group name: ipausers Description: Default group for all users GID: 1351600001 [root@test pvoborni]# [root@test pvoborni]# ipa user-add fbar --first=foo --last=bar ----------------- Added user "fbar" ----------------- User login: fbar First name: foo Last name: bar Full name: foo bar Display name: foo bar Initials: fb Home directory: /home/fbar GECOS: foo bar Login shell: /bin/sh Kerberos principal: fbar@EXAMPLE.com Email address: fbar@example.com UID: 1351600003 GID: 1351600001 Password: False Member of groups: ipausers Kerberos keys available: False [root@test pvoborni]# ipa group-find --private ---------------- 0 groups matched ---------------- ---------------------------- Number of entries returned 0 ---------------------------- [root@test pvoborni]# ipa group-add testobject ------------------------ Added group "testobject" ------------------------ Group name: testobject GID: 1351600004 [root@test pvoborni]# ipa user-add testobject --first=test --last=object ipa: ERROR: Unable to create private group. A group 'testobject' already exists. [root@test pvoborni]# ipa user-show testobject ipa: ERROR: testobject: user not found [root@test pvoborni]# ipa user-add testobject --first=test --last=object --noprivate ----------------------- Added user "testobject" ----------------------- User login: testobject First name: test Last name: object Full name: test object Display name: test object Initials: to Home directory: /home/testobject GECOS: test object Login shell: /bin/sh Kerberos principal: testobject@EXAMPLE.com Email address: testobject@example.com UID: 1351600005 GID: 1351600001 Password: False Member of groups: ipausers Kerberos keys available: False
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1206690 (Red Hat Enterprise Linux 7)
Metadata Update from @pvoborni: - Issue assigned to tkrizek - Issue set to the milestone: FreeIPA 4.5 backlog
Metadata Update from @tkrizek: - Assignee reset
Metadata Update from @frenaud: - Issue assigned to frenaud
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/3739 (was: 0) - Issue close_status updated to: None
master:
ipa-4-8:
ipa-4-7:
ipa-4-6:
Metadata Update from @rcritten: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.