[Freeipa-users] modify schema - add group email and display attribute

Sandor Juhasz sjuhasz at chemaxon.com
Mon Jan 2 11:53:12 UTC 2017 

I would be really happy if anybody could assign an OID for the new objectcalss 
i want to use to store group mail and displayname attributes. 

Sándor Juhász 
System Administrator 
ChemAxon Ltd . 
Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 
Cell: +36704258964 


From: "Sandor Juhasz" <sjuhasz at chemaxon.com> 
To: "Ludwig Krispenz" <lkrispen at redhat.com> 
Cc: freeipa-users at redhat.com 
Sent: Wednesday, December 21, 2016 4:39:32 PM 
Subject: Re: [Freeipa-users] modify schema - add group email and display attribute 

That would be perfect solution. 

How do i do it? 

ldapmodify: 
dn: cn=schema 
changetype: modify 
add: objectclasses 
objectclasses: ( <OID> 
NAME 'googleGroup' SUP groupofnames 
STRUCTURAL 
MAY ( mail $ displayname ) 
X-ORIGIN 'Extending FreeIPA' ) 

What to use for <OID>? 

Then i just 
ipa config-mod --addattr=ipaGroupObjectClasses=googleGroup 

Then groupmail.py 
from ipalib.plugins import group 
from ipalib.parameters import Str 
from ipalib import _ 

group.group.takes_params = group.group.takes_params + ( 
Str('mail?', 
cli_name='mail', 
label=_('mail'), 
), 
) 
group.group.default_attributes.append('mail') 

Then groupdisplayname.py 
from ipalib.plugins import group 
from ipalib.parameters import Str 
from ipalib import _ 


group.group.takes_params = group.group.takes_params + ( 
Str('displayname?', 
cli_name='displayname', 
label=_('dispalayname'), 
), 
) 
group.group.default_attributes.append('displayname') 

And finally update js somehow... 

Sándor Juhász 
System Administrator 
ChemAxon Ltd . 
Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 
Cell: +36704258964 


From: "Ludwig Krispenz" <lkrispen at redhat.com> 
To: freeipa-users at redhat.com 
Sent: Wednesday, December 21, 2016 3:34:03 PM 
Subject: Re: [Freeipa-users] modify schema - add group email and display attribute 


On 12/21/2016 02:07 PM, Sandor Juhasz wrote: 



Hi, 

i would like to modify schema to have group objects extended with email and display name attribute. 
The reason is that we are trying to sync our ldap to our google apps. 

I don't know how much this doc http://www.freeipa.org/images/5/5b/FreeIPA33-extending-freeipa.pdf 
can be applied to groups. Neither did i find a supported attribute syntax for email, maybe 
	PrintableString 	1.3.6.1.4.1.1466.115.121.1.58 	For values which contain strings containing alphabetic, numeral, and select punctuation characters (as defined in RFC 4517 ). 
but i am not sure if that could hold email addresses. 


why don't you just use the mail attribute ? only define a new auxilliary objectclass allowing mail and displayname 

BQ_BEGIN


It would be pretty to have it exposed via ipalib and js plugins as well. 
If someone could help me out on extending schema, i would be really happy. 

Sándor Juhász 
System Administrator 
ChemAxon Ltd . 
Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031 
Cell: +36704258964 



BQ_END

-- 
Red Hat GmbH, http://www.de.redhat.com/ , Registered seat: Grasbrunn, 
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, Eric Shander 

-- 
Manage your subscription for the Freeipa-users mailing list: 
https://www.redhat.com/mailman/listinfo/freeipa-users 
Go to http://freeipa.org for more info on the project 

-- 
Manage your subscription for the Freeipa-users mailing list: 
https://www.redhat.com/mailman/listinfo/freeipa-users 
Go to http://freeipa.org for more info on the project 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170102/f4e2d68c/attachment.htm>

More information about the Freeipa-users mailing list