How to force a host removal from a host group when the 389-ds automembership plugin is used?
Issue
In Identity Management (IdM), when adding or modifying a host, it is possible to automatically add the host into a hostgroup (e.g. ipa automember-add <hostgroup>
). It is possible to remove a host from a hostgroup using a LDAP command (ldapmodify
or ldapdelete
). The problem is that automember rules are triggered those commands and although the operation succeeds, the host is added back into the hostgroup.
Environment
- Red Hat Enterprise Linux 7, 8
- Red Hat Identity Management 4.X
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.