On 02/15/2013 03:12 PM, John Dennis wrote:
On 02/15/2013 04:54 PM, Orion Poplawski wrote:
On 02/15/2013 02:34 PM, John Dennis wrote:
What happens if you set the TB filter to (objectclass=person)?


Yup, then it adds it:


filter="(&(objectClass=person)(|(mail=*apac*)(cn=*apac*)(givenName=*apac*)(sn=*apac*)))"



O.K. I presume it's obvious the consequence of this little experiment is that
if we do an an RFE that results in removing the person objectclass from
non-human users you'll have to configure a custom LDAP search filter in every
client in your enterprise if you don't want them to see non-human users in
their search results.


Well, it at least doesn't present an email during auto completion (since there is none), but an empty address book entry is returned during and address book search.

Hopefully can be set with Mozilla Enterprise deployment tools.

And at least such a possibility would exist.

--
Orion Poplawski
Technical Manager                     303-415-9701 x222
NWRA, Boulder Office                  FAX: 303-415-9702
3380 Mitchell Lane                       or...@nwra.com
Boulder, CO 80301                   http://www.nwra.com

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to