[Freeipa-devel] [PATCHES] 0080-0081 Add userClass attributes for users and hosts
Simo Sorce
simo at redhat.com
Tue Oct 29 13:04:33 UTC 2013
On Tue, 2013-10-29 at 12:42 +0100, Martin Kosek wrote:
> On 10/29/2013 10:49 AM, Ana Krivokapic wrote:
> > Hello,
> >
> > Patch 0080 adds userClass attribute for users to IPA CLI.
> > Patch 0081 adds userClass attribute for users and hosts to the web UI.
> >
> > Design page:
> > http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems
> >
> > Tickets:
> > https://fedorahosted.org/freeipa/ticket/3588
> > https://fedorahosted.org/freeipa/ticket/3590
>
> NACK to just extending posixAccount objectclass. This is a standard objectclass
> defined by RFC 2307 and we cannot just simply extend and overwrite it as we wish.
Uhh indeed this is a big No-no.
> We will need to come up with some custom objectclass, like ipaUser. This is the
> reason why I wrote to ticket "A second goal of this ticket is to review current
> objectClass hierarchy of users and do changes if needed." so that we can pick
> the best option where to place it.
userClass is used in ipaHost, so I guess it could be instead add to an
ipa objectclass. ipaObject might be used perhaps, otherwise we'll need a
new ipaUser objectlass.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list