[Freeipa-devel] ipa-cli examples
Simo Sorce
ssorce at redhat.com
Wed Jul 4 12:46:26 UTC 2007
On Wed, 2007-07-04 at 14:42 +0900, Masato Taruishi wrote:
> Exactly. The above library provides database abstraction which hides
> ldap details by creating abstract class to hold user account
> informations. PasswordModifyExtension is used only in the ldap
> backend, so you don't have to consider about ldap details as long as
> you use this library. The ldap backend uses Password Modify Extension
> internally, in order to communicate with ipa-pwd-extop SLAPI plugin.
Our problem is that we want to hide some details, true, but we also
definitively want a much richer interface to set more than just the
fields in passwd (or passwd+shadow).
> In addition, becuase of database abstraction, you can use another
> user account database backend such as /etc/passwd, CSV and so on
> instead of ldap, though these backend has to be written in the
> future.
In which way would this be different from libuser?
> > > - example command line tools
> > >
> > > * ipa-useradd
> > >
> > > Add a user to LDAP like /usr/sbin/useradd
> > >
> >
> > How do you select the object class to represent the user?
>
> Good question. At least in the current implementation, the
> object classes are hard-coded now :( It has to be configurable.
We were thinking of putting templates directly in ldap, so that they can
centrally managed and downloaded at run time.
Simo.
More information about the Freeipa-devel
mailing list