Bug 522179 - Unable to add ipa user or ipa group: Allocation of a new value for uidNumber failed
Summary: Unable to add ipa user or ipa group: Allocation of a new value for uidNumber ...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: freeIPA
Classification: Retired
Component: ipa-server
Version: 2.0
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Rob Crittenden
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks: 431020
TreeView+ depends on / blocked
 
Reported: 2009-09-09 16:51 UTC by Jenny Galipeau
Modified: 2015-01-04 23:40 UTC (History)
4 users (show)

Fixed In Version: freeipa-2.0.0-1.fc15
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-03-27 07:14:50 UTC


Attachments (Terms of Use)
ensure that maxvalue > nextvalue in dna config (1006 bytes, patch)
2009-09-09 17:09 UTC, Rob Crittenden
no flags Details | Diff

Description Jenny Galipeau 2009-09-09 16:51:29 UTC
Description of problem:
Adding a new user or group results in error:

"Allocation of a new value for uidNumber failed! Unable to proceed." 

DS errors log contains:

getting dna-plugin - dna_get-next_value: no more values available!!

Environment:
Single master installed.  Installed without supplying starting uid/gid number.

DNA configuration:

dn: cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
objectClass: top
objectClass: nsSlapdPlugin
objectClass: extensibleObject
objectClass: nsContainer
cn: Distributed Numeric Assignment Plugin
nsslapd-pluginInitfunc: dna_init
nsslapd-pluginType: preoperation
nsslapd-pluginPath: libdna-plugin
nsslapd-plugin-depends-on-type: database
nsslapd-pluginId: Distributed Numeric Assignment
nsslapd-pluginVersion: 8.1.0
nsslapd-pluginVendor: Red Hat, Inc.
nsslapd-pluginDescription: Distributed Numeric Assignment plugin
nsslapd-pluginEnabled: on

# Posix Accounts, Distributed Numeric Assignment Plugin, plugins, config
dn: cn=Posix Accounts,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=c
 onfig
objectClass: top
objectClass: extensibleObject
cn: Posix Accounts
dnatype: uidNumber
dnanextvalue: 1628393912
dnainterval: 1
dnamaxvalue: 1000000000
dnamagicregen: 999
dnafilter: (objectclass=posixAccount)
dnascope: dc=bos,dc=redhat,dc=com

# Posix Groups, Distributed Numeric Assignment Plugin, plugins, config
dn: cn=Posix Groups,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=con
 fig
objectClass: top
objectClass: extensibleObject
cn: Posix Groups
dnatype: gidNumber
dnanextvalue: 1628393914
dnainterval: 1
dnamaxvalue: 1000000000
dnamagicregen: 999
dnafilter: (objectclass=posixGroup)
dnascope: dc=bos,dc=redhat,dc=com

Version-Release number of selected component (if applicable):
ipa-server-selinux-2.0-3.20090909.el5ipa

How reproducible:


Steps to Reproduce:
1. install ipa , do not supply starting uid/gid
2. kinit as admin
3. attempt to add a user
  
Actual results:
dnamaxvalue is less than dnanextvalue in configuration resulting in failure to allocate new value for uidNumber.

Expected results:
successfully add user with dnaNextValue as uidNumber, dnaNextValue increased by one.

Additional info:

Comment 1 Rob Crittenden 2009-09-09 17:09:56 UTC
Created attachment 360282 [details]
ensure that maxvalue > nextvalue in dna config

Comment 2 Rob Crittenden 2009-09-09 17:16:21 UTC
Should also remove dnaInterval from the configuration as it is unused by 389.

Comment 3 Rob Crittenden 2009-09-10 02:06:28 UTC
Just the maxvalue patch

master: 0c28978a8d8a666068838b7f0c1a5bf290356151

Comment 4 Jenny Galipeau 2009-09-11 17:28:10 UTC
verified: ipa-server-2.0-3.20090910.el5ipa

dn: cn=Posix Accounts,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=c
 onfig
objectClass: top
objectClass: extensibleObject
cn: Posix Accounts
dnatype: uidNumber
dnanextvalue: 1629786018
dnainterval: 1
dnamaxvalue: 1629886017
dnamagicregen: 999
dnafilter: (objectclass=posixAccount)
dnascope: dc=bos,dc=redhat,dc=com


Note You need to log in before you can comment on or make changes to this bug.