On to, 07 joulu 2017, Rob Crittenden via FreeIPA-users wrote:
Andrew Radygin via FreeIPA-users wrote:
Anyone?
Of course this kind R&D question, but anyway I need to know.
2017-12-06 17:15 GMT+03:00 Andrew Radygin via FreeIPA-users
<freeipa-users@lists.fedorahosted.org
<mailto:freeipa-users@lists.fedorahosted.org>>:
Hello everybody,
I want to know, is there possibility to change default ldap scheme,
where user and groups are storing.
For instance, I have:
cn=USER, cn=groups, cn=accounts, dc=domain,dc=net
cn=GROUP-OF-USERS, cn=groups, cn=accounts, dc=domain,dc=net
It seems to be too straightforward. Can I change it to
cn=USER, cn=groups, cn=accounts, dc=domain,dc=net
cn=GROUP-OF-USERS, cn=org-groups, cn=accounts, dc=domain,dc=net
?
Or to do any other corrections of ldap scheme for placing different
objects.
You could use slapi-nis to create your own compat area and format things
as you like but there is no way other than changing code to do this
otherwise. The containers are defined in one place but it wouldn't
surprise me if there are corner cases.
Yep. Whole IPA is built around idea of flat subtrees per object type, so
there are no organizational containers under cn=users or cn=groups or
cn=machines, etc.
--
/ Alexander Bokovoy
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
