On 02/15/2013 03:57 PM, Orion Poplawski wrote:
On 02/15/2013 01:56 PM, John Dennis wrote:
On 02/15/2013 03:46 PM, Simo Sorce wrote:
This is an interesting use case, it would probably be appropriate to
have a RFE filed to allow to create ipa users marked as 'non-person' so
that they are not assigned the person objectclass.

Yes, that addresses one large component of the problem. But the part of the
requirement is not to have non-humans show up in every client (e.g. mail
clients) that support LDAP directory lookups. That means they have to modify
the filter on every client. That's a tall order :-(

Actually, this would cover it.  The LDAP address book searches look for
attributes that the *person objectclasses provide.  Without them, they are

Interesting, before I replied I checked the filter in my Thunderbird client and it's set to (objectclass=*). I don't know if I modified it as some point or if it's the default, I assumed it's the default. I suspect it's the default filter for many clients.

John Dennis <jden...@redhat.com>

Looking to carve out IT costs?

Freeipa-users mailing list

Reply via email to