[Freeipa-users] extending FreeIPA

Adam Young ayoung at redhat.com
Fri May 6 20:11:35 UTC 2011 

On 05/06/2011 08:49 AM, Simo Sorce wrote:
> On Wed, 2011-05-04 at 17:41 -0700, Stephen Ingram wrote:
>> I currently maintain a directory with MTA configuration data in it
>> (among other items). I'm wondering what is the best way to add to the
>> FreeIPA schema without stepping on current and future schema additions
>> that might conflict with what I add. I know at one time you were
>> expecting to add information for Postfix and other common server
>> programs. Was this schema ever prepared and agreed upon, or is it best
>> to use some special branch to put this all under?
> Ok it seem we are confusing 2 things here, on one side schema extensions
> (new attributes and objectclasses) and on the other side DIT structure
> (subtrees within the tree where to put your information).
>
> If you use standard schema or schema you made yourself after you got
> assigned a base OID there should be no issue at all. if you do your own
> schema please be careful in trying to use a prefix for attribute and
> objectclass names so that you do not risk future name conflicts).
>
> For the DIT part it really depends on what you need to do.
> If you just need to add attributes to users then you have no other
> option but to attach them to the users and that's fine it shouldn't
> cause any issue.
>
> If you need to add entirely new objects I can suggest to create a
> cn=custom container as a top level subtree (ie at the same level of
> cn=accounts and cn=etc, ...
>
> And within it do what you need to do. This way it will not conflict with
> anything we may add in future.
>
>> Also, although I read Adam Young's blog article about how to extend
>> the WebUI, I'm having difficulty adding attributes within the existing
>> structure. For example, on the user page, is there a prescribed way of
>> adding say, the mailAlternateAddress attribute such that it shows as a
>> field in the WebUI?

The rule is that  you need to be able to do it in the CLI first, and 
then attempt it in the WebUI.  The attribute you are attmpeting to 
access needs to be added to the user object in 
freeipa/ipalib/plugins/user.py  first.  Once you have that, you can add 
it to the ui  just like email address:

  {factory: IPA.multivalued_text_widget, name:'mail'},


However,  mail is already a multivalued attribute.  You can store 
multiple email addresses there if you want, and that is the intention.  
If you want to make these both single value fields, change it to:
  fields:
                 [  "mail","mailalternateaddress",
                    {factory: IPA.multivalued_text_widget, 
name:'telephonenumber'},...


> I will let Adma reply to this one.
>
> HTH,
> Simo.
>

More information about the Freeipa-users mailing list