On 02/15/2013 03:57 PM, Orion Poplawski wrote:
On 02/15/2013 01:56 PM, John Dennis wrote:
On 02/15/2013 03:46 PM, Simo Sorce wrote:
This is an interesting use case, it would probably be appropriate to
have a RFE filed to allow to create ipa users marked as 'non-person' so
that they are not assigned the person objectclass.
Yes, that addresses one large component of the problem. But the part of the
requirement is not to have non-humans show up in every client (e.g. mail
clients) that support LDAP directory lookups. That means they have to modify
the filter on every client. That's a tall order :-(
Actually, this would cover it. The LDAP address book searches look for
attributes that the *person objectclasses provide. Without them, they are
excluded.
Interesting, before I replied I checked the filter in my Thunderbird
client and it's set to (objectclass=*). I don't know if I modified it as
some point or if it's the default, I assumed it's the default. I suspect
it's the default filter for many clients.
--
John Dennis <jden...@redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
