Pavel Zůna wrote:
This patch handles the issue in a kind of stupid way, but I couldn't
think of anything better.

It adds a new flag parameter to user-add (--noprivate). With this flag,
the command marks the private group about to be created for deletion and
is deleted after the user is created. The only exception is when there
is a group, that is named the same way as the user, but isn't a private
group - then the group is left there.

Private groups are created automatically by the managed entry DS plugin
and I didn't find a way to disable its creation for a specific user.

Ticket #1131


I wonder if you can modify the originFilter entry in the Managed Entry plugin and set something special so the user gets created w/o a group.

The trick would be getting the filter right. Currently it is originFilter: objectclass=posixAccount

I wonder if we could stuff something else in there that would cause it to evaluate false when we don't want a managed group.


Freeipa-devel mailing list

Reply via email to