Bug 1859218 - dsidm doesn't support modrdn
Summary: dsidm doesn't support modrdn
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Directory Server
Classification: Red Hat
Component: 389-ds-base
Version: 11.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: dirsrv-11.3
Assignee: Simon Pichugin
QA Contact: RHDS QE
Marc Muehlfeld
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-07-21 13:31 UTC by mreynolds
Modified: 2021-05-19 07:54 UTC (History)
4 users (show)

Fixed In Version: redhat-ds-11-8040020210326143715.45c09202
Doc Type: Enhancement
Doc Text:
.The `dsidm` utility supports renaming and moving entries With this enhancement, you can use the `dsidm` utility to rename and move users, groups, POSIX groups, roles, and organizational units (OU) in Directory Server. For further details and examples, see the link:https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/renaming_an_entry#renaming-users-groups-posix-groups-and-ous[Renaming Users, Groups, POSIX Groups, and OUs] section in the Directory Server Administration Guide.
Clone Of:
Environment:
Last Closed: 2021-05-19 07:54:28 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github 389ds 389-ds-base issues 3996 0 None closed dsidm doesn't support modrdn 2021-02-17 10:55:12 UTC
Red Hat Product Errata RHEA-2021:2038 0 None None None 2021-05-19 07:54:43 UTC

Description mreynolds 2020-07-21 13:31:16 UTC 
This bug is created as a clone of upstream ticket:
https://pagure.io/389-ds-base/issue/50943

#### Issue Description
`dsidm` can't change user's uid:

```
[root@server-f31 ds]# dsidm -y /root/dspw server-f31 user modify test replace:uid:test2
Error: Operation not allowed on RDN

[root@server-f31 ds]# dsidm -y /root/dspw server-f31 user modify test replace:dn:uid=test2,ou=People,dc=example,dc=com
Error: Object class violation - attribute "distinguishedName" not allowed

[root@server-f31 ds]# cat /var/log/dirsrv/slapd-server-f31/audit

time: 20200309112954
dn: uid=test,ou=people,dc=example,dc=com
result: 67
changetype: modify
replace: uid
uid: test2
-
replace: modifiersname
modifiersname: cn=directory manager
-
replace: modifytimestamp
modifytimestamp: 20200309112954Z
-

time: 20200309113018
dn: uid=test,ou=people,dc=example,dc=com
result: 65
changetype: modify
replace: distinguishedName
distinguishedName: uid=test2,ou=People,dc=example,dc=com
-
replace: modifiersname
modifiersname: cn=directory manager
-
replace: modifytimestamp
modifytimestamp: 20200309113018Z
-

```

#### Package Version and Platform
389-ds-base-1.4.2.8-3.fc31.x86_64
Comment 4 Simon Pichugin 2021-02-17 11:56:59 UTC 
Additionally, with this enhancement, you can use the `dsidm` utility to rename and move Roles.

The rest looks good to me!
Thank you!
Comment 12 Gilbert Kimetto 2021-04-27 14:53:59 UTC 
Build Version:
389-ds-base-1.4.3.22-1.module+el8dsrv+10501+8ce33e95.x86_64
389-ds-base-libs-1.4.3.22-1.module+el8dsrv+10501+8ce33e95.x86_64


STEPS:
1.) Create a DS instance with sample entries 
2.) List current user ids:
    dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user list
    
   $demo_user

3.) Command has been updated to rename the username and now works as follows:
    dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user --help
usage: dsidm instance user [-h]
                           {list,get,get_dn,create,modify,rename,delete} ...

positional arguments:
  {list,get,get_dn,create,modify,rename,delete}
                        action
    list                list
    get                 get
    get_dn              get_dn
    create              create
    modify              modify <add|delete|replace>:<attribute>:<value> ...
    rename              rename the object
    delete              deletes the object

optional arguments:
  -h, --help            show this help message and exit


4.) Rename the user that was listed above:
    dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user rename <current UID> <new UID>
5.) Verify that a Success message is given

    Successfully renamed to uid=demo_....
6.)  List current user id verify that that UID was successfully renamed
     dsidm -D "Directory manager" -w <password> <instance> -b "<base dn>" user list
     # demo_user2

marking as VERIFIED
Comment 16 errata-xmlrpc 2021-05-19 07:54:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (redhat-ds:11 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2021:2038
Note You need to log in before you can comment on or make changes to this bug.