On 02/15/2013 04:06 PM, Orion Poplawski wrote:
On 02/15/2013 04:03 PM, Simo Sorce wrote:
On Fri, 2013-02-15 at 17:12 -0500, John Dennis wrote:
On 02/15/2013 04:54 PM, Orion Poplawski wrote:
Yup, then it adds it:
filter="(&(objectClass=person)(|(mail=*apac*)(cn=*apac*)(givenName=*apac*)(sn=*apac*)))"
O.K. I presume it's obvious the consequence of this little experiment is
that if we do an an RFE that results in removing the person objectclass
from non-human users you'll have to configure a custom LDAP search
filter in every client in your enterprise if you don't want them to see
non-human users in their search results.
Not really, without the person objectclass none of the attributes
thunderbird searches by default would be part of the user object, so the
user would *not* show up.
So the RFE would perfectly solve also the requirement these 'non-person'
users do not show up in thunderbird.
Simo.
posixAccount must have "cn".
That said, there are still other (and arguably more important) reasons for
this RFE.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA, Boulder Office FAX: 303-415-9702
3380 Mitchell Lane or...@nwra.com
Boulder, CO 80301 http://www.nwra.com
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users