On Mon, Apr 04, 2016 at 04:27:02PM +0200, Jan Cholasta wrote: > Hi, > > On 1.4.2016 16:53, Tomas Babej wrote: > >Hi, > > > >this extends the user ID overrides with capability to store the user > >certificate. > > > >https://fedorahosted.org/freeipa/ticket/4955 > > The preferred way of managing certificates nowadays is using $OBJ-add-cert > and $OBJ-remove-cert commands, you should add them here as well. > > I would even go as far as not allowing to modify certificates using > idoverrideuser-mod - in user-mod and host-mod, it's there just for backward > compatibility, which is not the case here. But I don't have a strong opinion > on that. > > For consistency with user-find and host-find, the full certificate blob > should not be shown in idoverrideuser-find. You can do that by setting > search_display_attributes attribute on the idoverrideuser class > appropriately.
I tested the current patch with my related patches for SSSD and all is working as expected. bye, Sumit > > Honza > > -- > Jan Cholasta > > -- > Manage your subscription for the Freeipa-devel mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-devel > Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
