On ti, 25 helmi 2020, Mary Georgiou via FreeIPA-users wrote:
Thank you very much for the prompt answer. If I generally would like to add another container such as cn=some_other_type_of_users, cn=accounts, dc=example,dc=com. Is there a way to not create a mess in this case?
Perhaps, it would be better if you'd explain what you want to achieve. Adding other type of object is OK but it means you'll need to add a mechanism to manage those objects somehow, you need to supply additional LDAP schema, make sure it is available on all masters, as well as the code that manages those entries, handles their backup and restore, etc. Adding the same IPA users but in a separate container is not going to help -- they wouldn't be visible in IPA commands, you wouldn't be able to add them into IPA groups, reference in other objects (HBAC or SUDO rules and so on). So what is your actual goal? -- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
