Thanks for the responses, Rob and Dmitri! The solution sounds very elegant.
I await UPG and the next FreeIPA release (whether or not it has UPG) eagerly.
On 2010-05-06, at 4:16 PM, Rob Crittenden wrote:
> Ryan Thomson wrote:
>> Wow, I need to improve my search skills: http://freeipa.org/page/IPAv2_alpha2
>> My answer is at the bottom of the page!
>> My apologies, everyone.
> No worries.
> We're going to build this on a new feature in 389-ds, Managed Entries
> We need an enhancement in the DNA plugin to be able to keep the uidNumber and
> gidNumber the same but the Managed Entries plugin does most of the heavy
> lifting of avoiding race conditions for us already.
> At this point we just need to wait for the next 389-ds release which should
> be in the next few weeks. Once that is available we can create our private
>> Ryan Thomson wrote:
>>> Hi list,
>>> I am wondering if FreeIPA is planning to conform to RHEL's user private
>>> group (UPG) scheme? I think having an option to enable the UPG scheme would
>>> be beneficial.
>>> Adding a user to the v2 beta reveals that the UPG scheme is not currently
>>> being followed with all new accounts auto-added to the default "ipausers"
>>> I noticed an older mailing list post by rob saying that UPG was being
>>> investigated. Has there been any progress in that investigation? Any
>>> Thank you,
>>> Freeipa-users mailing list
>> Freeipa-users mailing list
Freeipa-users mailing list