On Аўт, 19 сне 2023, Ronald Wimmer wrote:
On 14.12.23 14:42, Alexander Bokovoy wrote:
On Чцв, 14 сне 2023, Ronald Wimmer via FreeIPA-users wrote:
In our company we do have an IAM tool for user management. We need
to create IPA users via this particular tool. I am aware of all
IPA commands or API calls to create/modify or delete a user.
As the tool does not support FreeIPA yet they asked if there is a
way to manage users by using LDAP only. Could that work? What
about attributes like ipaNTSecurityIdentifier, ipaUniqueID or
uidNumber?
Learn about lifecycle management. This is your way of integrating with
such tools bvy creating staged users:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/managing_idm_users_groups_hosts_and_access_control_rules/configuring-idm-for-external-provisioning-of-users_managing-users-groups-hosts#doc-wrapper
I followed the instructions from the documentation.
How could I possibly overcome
Dec 19 09:18:39 tipa01.ipatest.mydomain.at ipa-activate-all[836863]:
ipa: ERROR: Constraint violation: pre-hashed passwords are not valid
I need to set passwords from the external system.
Set them non-hashed. Why external system hashes them in LDIF?
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
