Hi Rob,
Thanks for replying!
It is not missing and I can create new user or group on it:
[root@ipa2 ~]# ldapsearch -D "cn=directory manager" -W -b "cn=Posix
IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config"
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <cn=Posix IDs,cn=Distributed Numeric Assignment
Plugin,cn=plugins,cn=config> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# Posix IDs, Distributed Numeric Assignment Plugin, plugins, config
dn: cn=Posix IDs,cn=Distributed Numeric Assignment
Plugin,cn=plugins,cn=config
cn: Posix IDs
dnaExcludeScope: cn=provisioning,dc=example,dc=com
dnaFilter:
(|(objectClass=posixAccount)(objectClass=posixGroup)(objectClass=ip
aIDobject))
dnaMagicRegen: -1
dnaMaxValue: 1889657499
dnaNextValue: 1889650758
dnaScope: dc=example,dc=com
dnaSharedCfgDN: cn=posix-ids,cn=dna,cn=ipa,cn=etc,dc=example,dc=com
dnaThreshold: 500
dnaType: uidNumber
dnaType: gidNumber
objectClass: top
objectClass: extensibleObject
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
[root@ipa2 ~]#
On Thu, Aug 19, 2021 at 5:14 PM Rob Crittenden <rcrit...@redhat.com> wrote:
> Kathy Zhu via FreeIPA-users wrote:
> > Hello,
> >
> > ipa-healthcheck is a great tool! Really appreciate Rob to make it
> > working for Centos.
> >
> > When I ran it on all of our IPA servers, one server reported:
> >
> > [root@ipa2 ~]# ipa-healthcheck--failures-only --output-type human
> >
> > CRITICAL: ipahealthcheck.ipa.dna.IPADNARangeCheck: no matching entry
> found
> >
> > [root@ipa2 ~]#
> >
> >
> > I created a user and a group on this server then deleted them,
> > rerun ipa-healthcheck, I still get the same error. Here is the jason
> > format of it:
> >
> > {
> >
> > "source": "ipahealthcheck.ipa.dna",
> >
> > "kw": {
> >
> > "exception": "no matching entry found"
> >
> > },
> >
> > "uuid": "aaf4da70-64ca-435f-8011-b40da74b874e",
> >
> > "duration": "0.136489",
> >
> > "when": "20210819224225Z",
> >
> > "check": "IPADNARangeCheck",
> >
> > "result": "CRITICAL"
> >
> > }
> >
> >
> > We have 7 ipa servers, this is the only server with this error.
> >
> > The success one looks like below:
> >
> > {
> > "source": "ipahealthcheck.ipa.dna",
> > "kw": {
> > "range_start": 1889601184,
> > "next_start": 0,
> > "next_max": 0,
> > "range_max": 1889625999
> > },
> > "uuid": "1ce671b9-76cf-46ce-b7d2-d5eec4079d63",
> > "duration": "0.309565",
> > "when": "20210630231006Z",
> > "check": "IPADNARangeCheck",
> > "result": "SUCCESS"
> > }
> >
> >
> > Any suggestions/ideas to fix it?
>
> It looks in here for the configuration. It could thrown a not found if
> it is missing (though why/how it could be I don't know):
>
> cn=Posix IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
>
> rob
>
>
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
