Hi,
I am going to migrate an existing environment to FreeIPA 4.5. The current LDAP
has a few site-specific attributes and I have been trying to figure out how I
add these in an easy was that also keeps them when upgrading etc.
I was thinking that making them optional would allow us to ad them without
expanding the IPA web-interface. But which is the best way to place the
additional LDIF file for extending the schema, I have read different location
and some documentation point to using ldapmodify directly and most of the stuff
I find regarding this is from 2014 or earlier so I’m unsure if it’s still
relevant.
I would like to add something like this to all users:
dn: cn=schema
changetype: modify
add: attributetypes
attributeTypes: ( OurUserType-oid NAME 'OurUserType' DESC 'Specifies account
type: user / sys' SYNTAX IA5String SINGLE-VALUE )
attributeTypes: ( OurSysOwner-oid NAME 'OurSysOwner' DESC 'Owner of Sys account
/ Roles' SYNTAX IA5String SINGLE-VALUE )
-
add: objectclasses
objectclasses: ( ourUserSpec-oid NAME 'ourUserSpec' SUP top AUXILIARY DESC
'Holds user-specific attr' MAY ( ourUserType $ OurSysOwner ) )
Should this be located under /usr/share/ipa/updates, /usr/share/ipa/schema.d or
should it be added in some other place?
I want to be able to set the attributes while creating users, user-add …
—setattr ourUserType=“usertype1” ….
Regards
Henrik
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
