[Freeipa-users] FreeIPA Ldap Tree Entries

bwellsnc bwellsnc at gmail.com
Thu May 9 11:55:02 UTC 2013 

Ok, that did work, Now I have a new problem.  I am receiving this error:

Error: the plugin named cn=schema-compat-plugin-preop,cn=plugins,cn=config
already exists.

I think I have to redo what I created.  Thanks for the help


On Thu, May 9, 2013 at 7:54 AM, bwellsnc <bwellsnc at gmail.com> wrote:

> Dimitri,
>     Thanks for the info.  I believe that I have what I need.  Below is
> what I think should work.  Thanks!
>
> dn: ou=People, cn=Schema Compatibility, cn=plugins, cn=config
> objectClass: top
> objectClass: extensibleObject
> ou: People
> schema-compat-container-group: cn=compat, dc=mydomain,dc=com
> schema-compat-container-rdn: ou=People
> schema-compat-search-base: cn=users,cn=accounts,dc=mydomain,dc=com
> schema-compat-search-filter: objectclass=posixAccount
> schema-compat-entry-rdn: uid=%{uid}
> schema-compat-entry-attribute: objectclass=posixAccount
> schema-compat-entry-attribute: gecos=%{cn}
> schema-compat-entry-attribute: cn=%{cn}
> schema-compat-entry-attribute: uidNumber=%{uidNumber}
> schema-compat-entry-attribute: gidNumber=%{gidNumber}
> schema-compat-entry-attribute: loginShell=%{loginShell}
> schema-compat-entry-attribute: homeDirectory=%{homeDirectory}
>
>
>
> On Wed, May 8, 2013 at 1:55 PM, Dmitri Pal <dpal at redhat.com> wrote:
>
>>  On 05/08/2013 08:22 AM, bwellsnc wrote:
>>
>> Hello,
>>     I am in the middle of a project converting from OpenLDAP to FreeIPA.
>>  The issue currently I am having is that I want to make this a
>> smooth transition for our development team who utilize openldap.  The best
>> way I could do this would be to create an alias to the
>> cn=users,cn=accounts,dc=mydomain,dc=com and name it ou=People.  I have
>> created the alias, but I am unable to query from it.  Is there something
>> that I have to turn off in freeipa to allow this.  Thanks!
>>
>>  Brent
>>
>>
>> _______________________________________________
>> Freeipa-users mailing listFreeipa-users at redhat.comhttps://www.redhat.com/mailman/listinfo/freeipa-users
>>
>>
>> You probably want to enable compat plugin and expose the tree via that
>> plugin.
>> Enable it via ipa-compat-manage
>> Then you can configure it using specific rules
>>
>> https://git.fedorahosted.org/cgit/slapi-nis.git/tree/doc/sch-getting-started.txt
>>
>> https://git.fedorahosted.org/cgit/slapi-nis.git/tree/doc/sch-configuration.txt
>>
>> https://git.fedorahosted.org/cgit/slapi-nis.git/tree/doc/format-specifiers.txt
>>
>> --
>> Thank you,
>> Dmitri Pal
>>
>> Sr. Engineering Manager for IdM portfolio
>> Red Hat Inc.
>>
>>
>> -------------------------------
>> Looking to carve out IT costs?www.redhat.com/carveoutcosts/
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130509/d1ff130d/attachment.htm>

More information about the Freeipa-users mailing list