On 02/15/2013 03:57 PM, Orion Poplawski wrote:
On 02/15/2013 01:56 PM, John Dennis wrote:
On 02/15/2013 03:46 PM, Simo Sorce wrote:
This is an interesting use case, it would probably be appropriate to
have a RFE filed to allow to create ipa users marked as 'non-person' so
that they are not assigned the person objectclass.


Yes, that addresses one large component of the problem. But the part of the
requirement is not to have non-humans show up in every client (e.g. mail
clients) that support LDAP directory lookups. That means they have to modify
the filter on every client. That's a tall order :-(


Actually, this would cover it.  The LDAP address book searches look for
attributes that the *person objectclasses provide.  Without them, they are
excluded.

Interesting, before I replied I checked the filter in my Thunderbird client and it's set to (objectclass=*). I don't know if I modified it as some point or if it's the default, I assumed it's the default. I suspect it's the default filter for many clients.


--
John Dennis <jden...@redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to