On 14.12.23 23:31, Rob Crittenden via FreeIPA-users wrote:
Ronald Wimmer via FreeIPA-users wrote:
On 14.12.23 14:42, Alexander Bokovoy via FreeIPA-users wrote:
On Чцв, 14 сне 2023, Ronald Wimmer via FreeIPA-users wrote:
In our company we do have an IAM tool for user management. We need to
create IPA users via this particular tool. I am aware of all IPA
commands or API calls to create/modify or delete a user.
As the tool does not support FreeIPA yet they asked if there is a way
to manage users by using LDAP only. Could that work? What about
attributes like ipaNTSecurityIdentifier, ipaUniqueID or uidNumber?
Learn about lifecycle management. This is your way of integrating with
such tools bvy creating staged users:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/managing_idm_users_groups_hosts_and_access_control_rules/configuring-idm-for-external-provisioning-of-users_managing-users-groups-hosts#doc-wrapper
I took a quick look at the documentation. So... is it right that we have
two options
- use the IPA API or
- LDIF files
Or directly over LDAP.
The external IAM system needs to set a IPA user's password as well. What
would be the way to go here?
Cheers,
Ronald
--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
