find_sid_for_ldap_entry - [file ipa_sidgen_cofind_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [120000023l] into an unused SID

Solution Verified - Updated -

Environment

  • IPA Server 3.0

Issue

  • dirsrv generates following error when running ipa-sidgen-task:
[30/May/2013:10:24:17 +0100] sidgen_task_thread - [file ipa_sidgen_task.c, line 191]: Sidgen task starts ...
[30/May/2013:10:24:17 +0100] find_sid_for_ldap_entry - [file ipa_sidgen_common.c, line 521]: Cannot convert Posix ID [120000023l] into an unused SID.
[30/May/2013:10:24:17 +0100] do_work - [file ipa_sidgen_task.c, line 151]: Cannot add SID to existing entry.
[30/May/2013:10:24:17 +0100] sidgen_task_thread - [file ipa_sidgen_task.c, line 196]: Sidgen task finished [32].

Resolution

  • Options to fix the issue.

Option 1.

Change the UID/GID of user presently outside the IPA assignment range with available UID/GID within assignment range. The changes can be done by using the following line:

a) Graphical Mode:

  Identity Management (IPA) Console -> Identity -> Users -> <select username> -> ACCOUNT SETTINGS -> UID/GID

b) Command Line:

   ipa user-mod <username> --uid=<uid number> --gidnumber=<gid number>

Option 2.

If possible modify the existing ID range to include UID/GID which are presently outside the range.

a) Graphical Mode:

   Identity Management (IPA) Console -> IPA Server -> ID Ranges -> <Range Name> -> RANGE SETTINGS -> Range Size

b) Command Line:

   ipa idrange-mod <Range Name> --range-size=<range size>

Option 3.

Add a respective ID range to cover UID/GID which are presently outside the range.

a) Graphical Mode:

   Identity Management (IPA) Console -> IPA Server -> ID Ranges -> Add

b) Command Line:

  ipa idrange-add <Range Name> --base-id=<id value> --range-size=<range size> --rid-base=<value>  --secondary-rid-base=<value>

Root Cause

  • The issue will be observed if the users have been created/migrated to IPA with UID/GID of the user outside the IPA ID range.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.