Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1859218

Summary: dsidm doesn't support modrdn
Product: Red Hat Directory Server Reporter: mreynolds
Component: 389-ds-baseAssignee: Simon Pichugin <spichugi>
Status: CLOSED ERRATA QA Contact: RHDS QE <ds-qe-bugs>
Severity: unspecified Docs Contact: Marc Muehlfeld <mmuehlfe>
Priority: unspecified    
Version: 11.0CC: gkimetto, pasik, sgouvern, spichugi
Target Milestone: ---   
Target Release: dirsrv-11.3   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: redhat-ds-11-8040020210326143715.45c09202 Doc Type: Enhancement
Doc Text:
.The `dsidm` utility supports renaming and moving entries With this enhancement, you can use the `dsidm` utility to rename and move users, groups, POSIX groups, roles, and organizational units (OU) in Directory Server. For further details and examples, see the link:https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/renaming_an_entry#renaming-users-groups-posix-groups-and-ous[Renaming Users, Groups, POSIX Groups, and OUs] section in the Directory Server Administration Guide.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2021-05-19 07:54:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description mreynolds 2020-07-21 13:31:16 UTC 
This bug is created as a clone of upstream ticket:
https://pagure.io/389-ds-base/issue/50943

#### Issue Description
`dsidm` can't change user's uid:

```
[root@server-f31 ds]# dsidm -y /root/dspw server-f31 user modify test replace:uid:test2
Error: Operation not allowed on RDN

[root@server-f31 ds]# dsidm -y /root/dspw server-f31 user modify test replace:dn:uid=test2,ou=People,dc=example,dc=com
Error: Object class violation - attribute "distinguishedName" not allowed

[root@server-f31 ds]# cat /var/log/dirsrv/slapd-server-f31/audit

time: 20200309112954
dn: uid=test,ou=people,dc=example,dc=com
result: 67
changetype: modify
replace: uid
uid: test2
-
replace: modifiersname
modifiersname: cn=directory manager
-
replace: modifytimestamp
modifytimestamp: 20200309112954Z
-

time: 20200309113018
dn: uid=test,ou=people,dc=example,dc=com
result: 65
changetype: modify
replace: distinguishedName
distinguishedName: uid=test2,ou=People,dc=example,dc=com
-
replace: modifiersname
modifiersname: cn=directory manager
-
replace: modifytimestamp
modifytimestamp: 20200309113018Z
-

```

#### Package Version and Platform
389-ds-base-1.4.2.8-3.fc31.x86_64
Comment 4 Simon Pichugin 2021-02-17 11:56:59 UTC 
Additionally, with this enhancement, you can use the `dsidm` utility to rename and move Roles.

The rest looks good to me!
Thank you!
Comment 12 Gilbert Kimetto 2021-04-27 14:53:59 UTC 
Build Version:
389-ds-base-1.4.3.22-1.module+el8dsrv+10501+8ce33e95.x86_64
389-ds-base-libs-1.4.3.22-1.module+el8dsrv+10501+8ce33e95.x86_64


STEPS:
1.) Create a DS instance with sample entries 
2.) List current user ids:
    dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user list
    
   $demo_user

3.) Command has been updated to rename the username and now works as follows:
    dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user --help
usage: dsidm instance user [-h]
                           {list,get,get_dn,create,modify,rename,delete} ...

positional arguments:
  {list,get,get_dn,create,modify,rename,delete}
                        action
    list                list
    get                 get
    get_dn              get_dn
    create              create
    modify              modify <add|delete|replace>:<attribute>:<value> ...
    rename              rename the object
    delete              deletes the object

optional arguments:
  -h, --help            show this help message and exit


4.) Rename the user that was listed above:
    dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user rename <current UID> <new UID>
5.) Verify that a Success message is given

    Successfully renamed to uid=demo_....
6.)  List current user id verify that that UID was successfully renamed
     dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user list
     # demo_user2

marking as VERIFIED
Comment 16 errata-xmlrpc 2021-05-19 07:54:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (redhat-ds:11 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2021:2038