On Tue, 2013-10-29 at 12:42 +0100, Martin Kosek wrote: > On 10/29/2013 10:49 AM, Ana Krivokapic wrote: > > Hello, > > > > Patch 0080 adds userClass attribute for users to IPA CLI. > > Patch 0081 adds userClass attribute for users and hosts to the web UI. > > > > Design page: > > http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems > > > > Tickets: > > https://fedorahosted.org/freeipa/ticket/3588 > > https://fedorahosted.org/freeipa/ticket/3590 > > NACK to just extending posixAccount objectclass. This is a standard > objectclass > defined by RFC 2307 and we cannot just simply extend and overwrite it as we > wish.
Uhh indeed this is a big No-no. > We will need to come up with some custom objectclass, like ipaUser. This is > the > reason why I wrote to ticket "A second goal of this ticket is to review > current > objectClass hierarchy of users and do changes if needed." so that we can pick > the best option where to place it. userClass is used in ipaHost, so I guess it could be instead add to an ipa objectclass. ipaObject might be used perhaps, otherwise we'll need a new ipaUser objectlass. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
