Pavel Zůna wrote:
This patch handles the issue in a kind of stupid way, but I couldn't
think of anything better.
It adds a new flag parameter to user-add (--noprivate). With this flag,
the command marks the private group about to be created for deletion and
is deleted after the user is created. The only exception is when there
is a group, that is named the same way as the user, but isn't a private
group - then the group is left there.
Private groups are created automatically by the managed entry DS plugin
and I didn't find a way to disable its creation for a specific user.
I wonder if you can modify the originFilter entry in the Managed Entry
plugin and set something special so the user gets created w/o a group.
The trick would be getting the filter right. Currently it is
I wonder if we could stuff something else in there that would cause it
to evaluate false when we don't want a managed group.
Freeipa-devel mailing list