On Tue, 05 Jun 2012, Willem Bos wrote:
Hi all,
Is there an API to provision user accounts to FreeIPA that I can use
from an external Identity Management environment? Of course, we could
just simply create an LDAP object in the 389 server but this probably
won't trigger the same actions as using `ipa user-add ...` or `ipa
group-add ...` from the command line.
by "external IdM environment" you mean one where you can't use 'ipa
user-add' manually due to ipa utils not being available on that host?
As IPA server exposes two interfaces, XML-RPC and JSON-based, you may
use any of them directly.
http://adam.younglogic.com/2010/07/talking-to-freeipa-json-web-api-via-curl/
shows how to use curl to communicate directly. This example
assumes you have configured and working kerberos in curl on the machine
you run it. If not, you'd need to modify the example to use
password-based session which would be a bit more elaborate.
--
/ Alexander Bokovoy
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
