Hi Dmitri: Yes, we are evaluating ways of provisioning users and their group memberships for Joiner, Mover, Leaver (JML) events.
We were thinking of your suggestion as an option and your reply was very helpful. Our expected real-time scenarios is probably 5 mins latency. Is it viable to explore provisioning accounts/group to the destination tree via LDAP calls and a subsequent cron job runs, identifies the newly provisioned accounts, and applies modifications to create the IPA-specific attributes? Or is the temp folder the only option? Thank you for all your great help. On Fri, Feb 8, 2013 at 2:39 PM, Dmitri Pal <d...@redhat.com> wrote: > On 02/08/2013 05:29 PM, It Meme wrote: > > Hi: > > Scenario: > > 1) User is created via LDAP call to IPA (i.e.the 389 Directory Server) > > The above user will not have IPA-specific attributes. > > Can we use the Python Library, or CLI, to modify the account to IPA-ize > it? > > > Is this an integration with the external provisioning system? > Do you need to do it in real time or in batches? > > A simple solution that comes to mind is: > to create users in a different sub tree in ipa temporarily > run a cron job to inspect this area and translate the data in this temp > entry into the arguments of the CLI add user command and then clean this > temp area. > ldap search > parse > ipa user-add > delete processed temp entries > > The job can run at the cadence you think is reasonable - 30 min may be? > > > Thanks. > > > _______________________________________________ > Freeipa-users mailing > listFreeipaemail@example.com://www.redhat.com/mailman/listinfo/freeipa-users > > > > -- > Thank you, > Dmitri Pal > > Sr. Engineering Manager for IdM portfolio > Red Hat Inc. > > > ------------------------------- > Looking to carve out IT costs?www.redhat.com/carveoutcosts/ > > > _______________________________________________ > Freeipa-users mailing list > Freeipafirstname.lastname@example.org > https://www.redhat.com/mailman/listinfo/freeipa-users >
_______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users