Brian J. Murrell via FreeIPA-users wrote: > On Tue, 2024-11-05 at 09:05 -0500, Rob Crittenden via FreeIPA-users > wrote: >> >> See >> https://rcritten.wordpress.com/2015/01/05/freeipa-and-no-dna-range/ >> > > The blog entry says at some point "Once you’re sure you have a viable > range". How do I determine a "viable range"? Do I have to look at > existing user and group ids to ensure whatever range I come up with > doesn't include any existing values? In your posting you seem to have > come up with a range of 1689700000-1689799999. Those are wildly big > numbers. How/why did you choose them?
It's in the blog. ipa iprange-find. That along with the range of already issued ids will give you an idea of what the available ranges are. It is possible there are holes if multiple servers issued ids so there is no clear-cut answer. Theoretically the dna range generator within 389 will skip values already allocated but I play it safe and use known unused values. By default IPA allocates a 200k block of ids from a random number starting point. It is usually huge numbers. > If it's relevant, the other master in my case is dead and long-gone and > will never be resurrected so I assume any range it may have had is > irrelevant now? Correct. > I do have FreeIPA VERSION: 4.9.13, API_VERSION: 2.251. Should I still > use the manual method or should I be using dnarange-show and dnarange- > set? Take your pick. dnarange-show/set make it easier to change the settings and is what I'd use. rob -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
