[Freeipa-users] IPA Create User

It Meme it.meme01 at gmail.com
Tue Feb 5 00:07:50 UTC 2013


Thank you John for your helpful reply.

Near real time will be sufficient - within the 5 min range.

Will it be practical when managing a user's groups - these can happen when
a user moves within the organization or is terminated.




On Fri, Feb 1, 2013 at 8:59 PM, John Dennis <jdennis at redhat.com> wrote:

> On 02/01/2013 10:26 PM, It Meme wrote:
>
>> Hi Dimitri:
>>
>> Thank you for your helpful posts.
>>
>> Do you know of any organization that provisions accounts and groups in
>> real-time, from an external IdM system, to IPA, via CLI?
>>
>> We have an IdM system which will be reading data from HR, and making
>> 'joiner, mover, leaver, decisions' - accounts are provisioned, deleted,
>> groups changed etc based on the HR data.
>>
>> Is it feasible to consider the IdM system calling the CLI, via scripts,
>>   to create/delete accounts, manage groups, in near real-time?
>>
>
> Calling a script does not take much time (especially compared to the
> elapsed time it takes for the command to complete), it would only be an
> issue if you were trying to do a number of transactions per second, but it
> doesn't sound like your HR dept is going to need that kind of throughput.
> It's also possible to call our API from Python, others have done this.
> Whether your IdM forks out to a shell script or to a Python script would be
> negligible compared to the total elapsed time to complete the operation.
>
> I suppose the answer to your question begs another, what's your definition
> of "real time"? If your IdM triggers a transaction and it completes within
> a few seconds is that real time?
>
> John
>
> --
> John Dennis <jdennis at redhat.com>
>
>
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130204/8c3c97b2/attachment.htm>


More information about the Freeipa-users mailing list