On 2/25/2015 3:11 PM, Dmitri Pal wrote: > I think you can start with adding ntUser object class into the list of > the object classes in the IPA configuration in UI. That would apply it > to the new entries automatically.
How is that done? I'd rather not have to tweak the package files, since that will cause upgrades to be problematic, as you and Petr said. > If that does not work it is probably a bug. If it works you will have > the object class right there. > > Next step is creating attributes > - ntUserDomainId - I wonder whether it can be auto-populated using > managed entry or CoS configuration in DS. If that works it will be a > config change rather than a code change which means it will survive > upgrades (most likely). > - ntUserCreateNewAccount - should be set to true AFAIU and I wonder if > it can be set to true using same managed entry or CoS mechanism. > > I am not saying that would work but that might work and would avoid > doing code changes. I couldn't find any decent documentation on managed entries or class of service functionality. Can you point me in the right direction? > If you willing to do code changes than it should be possible to just > update the user plugin to autopopulate the entries with these > attributes. But that would definitely blow up during upgrade. Yeah, that's pretty far down on the list of options for this project. But, you never know ... Hugh -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
