Bug 522179

Summary: Unable to add ipa user or ipa group: Allocation of a new value for uidNumber failed
Product: [Retired] freeIPA Reporter: Jenny Severance <jgalipea>
Component: ipa-serverAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: high Docs Contact:
Priority: high    
Version: 2.0CC: benl, dpal, jgalipea, mgregg
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: freeipa-2.0.0-1.fc15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-03-27 07:14:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 431020    
Attachments:
Description Flags
ensure that maxvalue > nextvalue in dna config none

Description Jenny Severance 2009-09-09 16:51:29 UTC 
Description of problem:
Adding a new user or group results in error:

"Allocation of a new value for uidNumber failed! Unable to proceed." 

DS errors log contains:

getting dna-plugin - dna_get-next_value: no more values available!!

Environment:
Single master installed.  Installed without supplying starting uid/gid number.

DNA configuration:

dn: cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
objectClass: nsContainer
cn: Distributed Numeric Assignment Plugin
nsslapd-pluginInitfunc: dna_init
nsslapd-pluginType: preoperation
nsslapd-pluginPath: libdna-plugin
nsslapd-plugin-depends-on-type: database
nsslapd-pluginId: Distributed Numeric Assignment
nsslapd-pluginVersion: 8.1.0
nsslapd-pluginVendor: Red Hat, Inc.
nsslapd-pluginDescription: Distributed Numeric Assignment plugin
nsslapd-pluginEnabled: on

# Posix Accounts, Distributed Numeric Assignment Plugin, plugins, config
dn: cn=Posix Accounts,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=c
 onfig
objectClass: top
objectClass: extensibleObject
cn: Posix Accounts
dnatype: uidNumber
dnanextvalue: 1628393912
dnainterval: 1
dnamaxvalue: 1000000000
dnamagicregen: 999
dnafilter: (objectclass=posixAccount)
dnascope: dc=bos,dc=redhat,dc=com

# Posix Groups, Distributed Numeric Assignment Plugin, plugins, config
dn: cn=Posix Groups,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=con
 fig
objectClass: top
objectClass: extensibleObject
cn: Posix Groups
dnatype: gidNumber
dnanextvalue: 1628393914
dnainterval: 1
dnamaxvalue: 1000000000
dnamagicregen: 999
dnafilter: (objectclass=posixGroup)
dnascope: dc=bos,dc=redhat,dc=com

Version-Release number of selected component (if applicable):
ipa-server-selinux-2.0-3.20090909.el5ipa

How reproducible:


Steps to Reproduce:
1. install ipa , do not supply starting uid/gid
2. kinit as admin
3. attempt to add a user
  
Actual results:
dnamaxvalue is less than dnanextvalue in configuration resulting in failure to allocate new value for uidNumber.

Expected results:
successfully add user with dnaNextValue as uidNumber, dnaNextValue increased by one.

Additional info:
Comment 1 Rob Crittenden 2009-09-09 17:09:56 UTC 
Created attachment 360282 [details]
ensure that maxvalue > nextvalue in dna config
Comment 2 Rob Crittenden 2009-09-09 17:16:21 UTC 
Should also remove dnaInterval from the configuration as it is unused by 389.
Comment 3 Rob Crittenden 2009-09-10 02:06:28 UTC 
Just the maxvalue patch

master: 0c28978a8d8a666068838b7f0c1a5bf290356151
Comment 4 Jenny Severance 2009-09-11 17:28:10 UTC 
verified: ipa-server-2.0-3.20090910.el5ipa

dn: cn=Posix Accounts,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=c
 onfig
objectClass: top
objectClass: extensibleObject
cn: Posix Accounts
dnatype: uidNumber
dnanextvalue: 1629786018
dnainterval: 1
dnamaxvalue: 1629886017
dnamagicregen: 999
dnafilter: (objectclass=posixAccount)
dnascope: dc=bos,dc=redhat,dc=com