Ah. Yes. The primary group was earlier changed from the user private group to a different
group shared with others. Will change gid to the original group and delete the original
group before restore. Can't delete the shared group as it's in use.
If that fails, can still delete user and recreate with original uid/gid.
On May 30, 2022 9:56:51 PM EDT, Rob Crittenden <rcritten(a)redhat.com> wrote:
Jim Kinney via FreeIPA-users wrote:
> Took a user who left and did the "delete --preserve" from the gui. So
> now they only list as a Preserved user.
> Demo of them returning to org failed when I tried to restore their
account.
> Error: ns-slapd -ERR - managed-entries-plugin - mep_add_managed_entry
> Unable to add managed entry "cn..." for origin entry "uid..."
(Already
> exists).
>
> IPA v4.9.8
The group for the user already exists.
Assuming the user is still in preserved state you can try removing the
group if it is otherwise not used and try to restore the user again.
rob
--
Computers amplify human error
Super computers are really cool