How to force a host removal from a host group when the 389-ds automembership plugin is used?

Solution Verified - Updated -

Issue

In Identity Management (IdM), when adding or modifying a host, it is possible to automatically add the host into a hostgroup (e.g. ipa automember-add <hostgroup>). It is possible to remove a host from a hostgroup using a LDAP command (ldapmodify or ldapdelete). The problem is that automember rules are triggered those commands and although the operation succeeds, the host is added back into the hostgroup.

Environment

  • Red Hat Enterprise Linux 7, 8
  • Red Hat Identity Management 4.X

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content