User lifecycle: ignore SID when moving from preserved to staged

When a preserved user entry is moved to staged state, the SID
attribute must not be provided to user-stage command (the option
does not exist and the SID will be re-generated anyway).

Related: https://pagure.io/freeipa/issue/8995
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Florence Blanc-Renaud 2021-10-15 15:55:10 +02:00
parent fdfde9ce52
commit fd53ed14b0

View File

@ -1002,6 +1002,7 @@ class user_stage(LDAPMultiQuery):
u'ipauniqueid', u'krbcanonicalname',
u'sshpubkeyfp', u'krbextradata',
u'ipacertmapdata',
'ipantsecurityidentifier',
u'nsaccountlock']
def execute(self, *keys, **options):