Anonymous_User Absent Member.
Absent Member.
387 views

Delete LDAP provisioned account

Hi,

we have a problem with the following situation:

An account in LDAP was accidentally deleted and then created again, same
user name. Now Filr refuses to synchronize the account:

Cannot create user 'xyz' with dn='cn=xyz,ou=yyy,o=yyy' and
ldapGuid='51b2942bf87d50648751b2942bf87d' because a user with the same name
already exists in the database.

So far that makes sense.

The problem is: Filr does not let me delete the user so that LDAP sync can
create the new one:

"You can not delete the LDAP provisioned user 'X Y's workspace."

That does not make sense to me.

I have set to only disable, not delete, accounts that are not in LDAP any
more - but it should be possible to delete them manually!

Is there really no possibility to delete LDAP provisioned accounts? How can
I fix the problem with the recreated LDAP-account?

Thanks,
Mirko

0 Likes
5 Replies
Knowledge Partner Knowledge Partner
Knowledge Partner

Re: Delete LDAP provisioned account

I am guessing it does not want to recreate because the GUID has changed.
If you could update the GUID in the user store (database?) then maybe that
would let it see the object as being the same. Otherwise, can you rename
the user in Filr and then let the system recreate the account? I do not
know that this is what you really want, but it may get your user back in,
though perhaps without their old content linked to them.

There may be other options too; I am no Filr expert.

--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Delete LDAP provisioned account

Mirko Guldner;2465567 wrote:
Hi,

we have a problem with the following situation:

An account in LDAP was accidentally deleted and then created again, same
user name. Now Filr refuses to synchronize the account:

Cannot create user 'xyz' with dn='cn=xyz,ou=yyy,o=yyy' and
ldapGuid='51b2942bf87d50648751b2942bf87d' because a user with the same name
already exists in the database.

So far that makes sense.

The problem is: Filr does not let me delete the user so that LDAP sync can
create the new one:

"You can not delete the LDAP provisioned user 'X Y's workspace."

That does not make sense to me.

I have set to only disable, not delete, accounts that are not in LDAP any
more - but it should be possible to delete them manually!

Is there really no possibility to delete LDAP provisioned accounts? How can
I fix the problem with the recreated LDAP-account?

Thanks,
Mirko


What version of Filr are you using?

I vaguely recall running into this in an older Filr version and had to login as the actual Admin user (userid = Admin) for Filr, before it would let me delete the workspace.

Failing that, maybe someone else can shed some light, or an SR may need to be opened?

The docs indicate that you can manually delete a user, regardless of the LDAP sync settings (delete vs. disable). And, the Novell recommended setting is actually disable at least in the Filr 2.0 docs.

But the issue seems to be the workspace in this case, so not sure if it'll work with just the Admin user or not.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Antw: Delete LDAP provisioned account


I was wrong, I *can* delete the account in Filr. But the error message seems
misleading.

There two options when deleting an account in Filr:

1 "Move user workspaces to trash"
2 "Delete user workspaces"


I have tried the first and got the message "You can not delete the LDAP
provisioned user 'X Y's workspace." It seemed clear to me that I don't have
to try the second option then. But that was wrong - the second option
works.

Shouldn't the message read "You can not move the LDAP provisioned users
workspace to trash"? That would make sense more for me.

Anyway, problem solved 🙂




>>>

> Hi,
>
> we have a problem with the following situation:
>
> An account in LDAP was accidentally deleted and then created again, same
> user name. Now Filr refuses to synchronize the account:
>
> Cannot create user 'xyz' with dn='cn=xyz,ou=yyy,o=yyy' and
> ldapGuid='51b2942bf87d50648751b2942bf87d' because a user with the same
> name
> already exists in the database.
>
> So far that makes sense.
>
> The problem is: Filr does not let me delete the user so that LDAP sync
> can
> create the new one:
>
> "You can not delete the LDAP provisioned user 'X Y's workspace."
>
> That does not make sense to me.
>
> I have set to only disable, not delete, accounts that are not in LDAP
> any
> more ‑ but it should be possible to delete them manually!
>
> Is there really no possibility to delete LDAP provisioned accounts? How
> can
> I fix the problem with the recreated LDAP‑account?
>
> Thanks,
> Mirko

0 Likes
Knowledge Partner
Knowledge Partner

Re: Antw: Delete LDAP provisioned account

Mirko Guldner;2465579 wrote:
I was wrong, I *can* delete the account in Filr. But the error message seems
misleading.

There two options when deleting an account in Filr:

1 "Move user workspaces to trash"
2 "Delete user workspaces"


I have tried the first and got the message "You can not delete the LDAP
provisioned user 'X Y's workspace." It seemed clear to me that I don't have
to try the second option then. But that was wrong - the second option
works.

Shouldn't the message read "You can not move the LDAP provisioned users
workspace to trash"? That would make sense more for me.

Anyway, problem solved 🙂




>>>

> Hi,
>
> we have a problem with the following situation:
>
> An account in LDAP was accidentally deleted and then created again, same
> user name. Now Filr refuses to synchronize the account:
>
> Cannot create user 'xyz' with dn='cn=xyz,ou=yyy,o=yyy' and
> ldapGuid='51b2942bf87d50648751b2942bf87d' because a user with the same
> name
> already exists in the database.
>
> So far that makes sense.
>
> The problem is: Filr does not let me delete the user so that LDAP sync
> can
> create the new one:
>
> "You can not delete the LDAP provisioned user 'X Y's workspace."
>
> That does not make sense to me.
>
> I have set to only disable, not delete, accounts that are not in LDAP
> any
> more ‑ but it should be possible to delete them manually!
>
> Is there really no possibility to delete LDAP provisioned accounts? How
> can
> I fix the problem with the recreated LDAP‑account?
>
> Thanks,
> Mirko


I totally agree with you that the message should be correct.

What version of Filr is this? (Specific version, please).

I'll see if I can get more info and/or submit a bug report.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Antw: Re: Delete LDAP provisioned account

Version: Micro Focus Filr 3.2.1
Build: 4670 / 14. August 2017

Thanks,
Mirko

>>>


> Mirko Guldner;2465579 Wrote:
>> I was wrong, I *can* delete the account in Filr. But the error message>


> seems
>> misleading.
>>
>> There two options when deleting an account in Filr:
>>
>> 1 "Move user workspaces to trash"
>> 2 "Delete user workspaces"
>>
>>
>> I have tried the first and got the message "You can not delete the LDAP
>> provisioned user 'X Y's workspace." It seemed clear to me that I don't
>> have
>> to try the second option then. But that was wrong ‑ the second option
>> works.
>>
>> Shouldn't the message read "You can not move the LDAP provisioned users
>> workspace to trash"? That would make sense more for me.
>>
>> Anyway, problem solved :‑)
>>
>>
>>
>>
>> >>>
>> > Hi,
>> >
>> > we have a problem with the following situation:
>> >
>> > An account in LDAP was accidentally deleted and then created again,

>> same
>> > user name. Now Filr refuses to synchronize the account:
>> >
>> > Cannot create user 'xyz' with dn='cn=xyz,ou=yyy,o=yyy' and
>> > ldapGuid='51b2942bf87d50648751b2942bf87d' because a user with the

>> same
>> > name
>> > already exists in the database.
>> >
>> > So far that makes sense.
>> >
>> > The problem is: Filr does not let me delete the user so that LDAP

>> sync
>> > can
>> > create the new one:
>> >
>> > "You can not delete the LDAP provisioned user 'X Y's workspace."
>> >
>> > That does not make sense to me.
>> >
>> > I have set to only disable, not delete, accounts that are not in

>> LDAP
>> > any
>> > more ‑ but it should be possible to delete them manually!
>> >
>> > Is there really no possibility to delete LDAP provisioned accounts?

>> How
>> > can
>> > I fix the problem with the recreated LDAP‑account?
>> >
>> > Thanks,
>> > Mirko

>
> I totally agree with you that the message should be correct.
>
> What version of Filr is this? (Specific version, please).
>
> I'll see if I can get more info and/or submit a bug report.


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.