Hi all,
We're performing some migrate-ds and noticed some missing users. We took a
closer look and the errors are:
<redacted user>: attribute "givenName" not allowed
<redacted user>: attribute "givenName" not allowed
<redacted user>: attribute "departmentNumber" not allowed
<redacted user>: attribute "departmentNumber" not allowed
<redacted user>: attribute "departmentNumber" not allowed
This is odd, because this OU is being grabbed with some filters which
should specifically ignore these attributes. The old environment is
OpenLDAP and the migrate-ds command is as follows:
ipa migrate-ds --schema=RFC2307 --base-dn="dc=<redacted>,dc=com"
--bind-dn="cn=<redacted>,ou=<redacted>,dc=<redacted>,dc=com"
--ca-cert-file=/etc/ssl/certs/ca.crt ldaps://<redacted>
--user-container=ou=<redacted> --user-objectclass=posixaccount
--group-container=ou=group --group-objectclass=posixgroup
--user-ignore-attribute="sn,ldappublickey,sshpublickey,givenName,departmentNumber"
--user-ignore-objectclass={person,organizationalPerson,inetOrgPerson,departmentNumber,givenName,ldappublickey,sshpublickey}
Regards,
Alfred