-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/12/13 22:58, Simo Sorce wrote: > On Thu, 2013-12-05 at 22:32 +0000, Dale Macartney wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hi folks >> >> Just a quick mail from me before I call it a night. >> >> Today I've added user display pictures/avatars into FreeIPA, detailed here. >> >> https://www.dalemacartney.com/2013/12/05/adding-display-picturesavatars-red-hat-idmfreeipa/ >> >> As well as pulling those images into a GNOME3 desktop session, detailed >> here. >> >> https://www.dalemacartney.com/2013/12/05/loading-display-picturesavatars-red-hat-idmfreeipa-gnome3/ >> >> Would love some feedback if anyone is interested in these items. >> >> G'night all. >> > > Great stuff Dale, I wonder if ipa user-mod --addattr could be used to > load the avatar, instead of using ldap commands. > > Simo. G'day Simo Thanks for the suggestion however I haven't been able to do it with an ipa command for this task. I've tried the following: [root@ds01 ~]# ipa user-mod --addattr="objectClass=jpegPhoto" --addattr="jpegPhoto:< file:///root/hulk.jpg" bbanner ipa: ERROR: invalid 'addattr': Invalid format. Should be name=value [root@ds01 ~]# [root@ds01 ~]# [root@ds01 ~]# ipa user-mod --addattr="objectClass=jpegPhoto" --addattr="jpegPhoto:/root/hulk.jpg" bbanner ipa: ERROR: invalid 'addattr': Invalid format. Should be name=value [root@ds01 ~]# ipa user-mod --addattr="objectClass=jpegPhoto" --addattr="jpegPhoto=< file:///root/hulk.jpg" bbanner ipa: ERROR: unknown object class "jpegPhoto" [root@ds01 ~]# ipa user-mod --addattr="jpegPhoto=< file:///root/hulk.jpg" bbanner - ----------------------- Modified user "bbanner" - ----------------------- User login: bbanner First name: Bruce Last name: Banner Home directory: /home/bbanner Login shell: /bin/sh Email address: bban...@example.com UID: 212800012 GID: 212800012 Account disabled: False Password: False Member of groups: ipausers Kerberos keys available: False [root@ds01 ~]# ipa user-show --all bbanner dn: uid=bbanner,cn=users,cn=accounts,dc=example,dc=com User login: bbanner First name: Bruce Last name: Banner Full name: Bruce Banner Display name: Bruce Banner Initials: BB Home directory: /home/bbanner GECOS field: Bruce Banner Login shell: /bin/sh Kerberos principal: bban...@example.com Email address: bban...@example.com UID: 212800012 GID: 212800012 Account disabled: False Password: False Member of groups: ipausers Kerberos keys available: False ipauniqueid: b4009286-5e53-11e3-9d5e-001a4a0000bb jpegphoto: PCBmaWxlOi8vL3Jvb3QvaHVsay5qcGc= krbpwdpolicyreference: cn=global_policy,cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com mepmanagedentry: cn=bbanner,cn=groups,cn=accounts,dc=example,dc=com objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry [root@ds01 ~]# You can see that the last command of " ipa user-mod --addattr="jpegPhoto=< file:///root/hulk.jpg" bbanner" however as the jpegPhoto attribute is encoded with base64, it appears to be encoding the characters "< file:///root/hulk.jpg" instead of the image file. The above details from showing the user after the change only shows the following text for jpegPhoto jpegphoto: PCBmaWxlOi8vL3Jvb3QvaHVsay5qcGc= When using ldapmodify, that attribute looks like the following [root@ds01 ~]# ipa user-show --all bbanner dn: uid=bbanner,cn=users,cn=accounts,dc=example,dc=com User login: bbanner First name: Bruce Last name: Banner Full name: Bruce Banner Display name: Bruce Banner Initials: BB Home directory: /home/bbanner GECOS field: Bruce Banner Login shell: /bin/sh Kerberos principal: bban...@example.com Email address: bban...@example.com UID: 212800012 GID: 212800012 Account disabled: False Password: False Member of groups: ipausers Kerberos keys available: False ipauniqueid: b4009286-5e53-11e3-9d5e-001a4a0000bb jpegphoto: /9j/4AAQSkZJRgABAgAAAQABAAD/4AAcT2NhZCRSZXY6IDE0Nzk3ICQAAAAAAAAAABj/2wCEAAIEBAYIBggICAgICAgICAgKCgoKCgoKCgoKCgoKCgoKCgoKCgwMDAwMDAwMDA0MDAwMDAwMDAwODw0MDgwMDAwBAhAQICAgICAgIEBAQEBAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgP/AABEIAHgAeAMBEQACEQEDEQH/xACVAAACAwEBAQEAAAAAAAAAAAAGBwQFCAMJAgEBAAIDAQEBAAAAAAAAAAAAAAMEAgUGAQAHEAABAgQDBAcHAQUGBwAAAAABAgMABBEhBRIxEyJBUQYyYXGhsfAHFEJSgZHRchUjYsHhFyRDgqLxFjNTY5LC4hEBAAMAAgICAgMAAAAAAAAAAAECEQMSITETQVFhBCIy/9oADAMBAAIRAxEAPwDyylFuEUICFDUEXjYMcNW5Z6lcyY88nNMO15x5wUZDlvrHkURSecdeQdjXtP38o4gIX2mJFsPzIdIAqEJBFf1G1vVIxFuT8LmKhj+1x2WSUyMpJBR1LzWc053oi3OhMZWaTP21MGpgPthmJlSP2kMPlJdI/eObAKUU/KhkEFS1aJJyhOphH4v2L2a+wX2j9GMTddlkYMpiQYb2jk66uq0iyc+UJV1j8INBzEVvSfy5oUxae6AMvqdDjj7ShTdUEEk65UjNXLqBat7xcxNyWQiq9mzEwht6SU661MIzs2utP6zQVTxSog8BWsXvyyQmrOuJdD5xGdaRuINDn3VD9QVQjupfgYvK8xCakg9LlJvSvYa+X5jVkFKtETcEjrexdyqACt3XVQ7LfcG8cREraqi3lTziQQgZR2R4JILceQRlM17/ALx4URLYk5CTM9NO0Ashuikkr4aEa8E1vzEYa/J9L+tWIukvS6bxJ3fIDCDRtGUJ+q8uv! aTpwhSK4uilWtSTWu9w599/KLF52adHWWoqVWw6x/1GnnHAxqjpBNoQtll1SS+kJcVWm58m7S3EgWPKAvB159tIQUOrcUn5hlpzyd+lTEkRnL9M8TYVVuZmNwp2dXXN2l90FVBTkKAwHq4eWLe1zEZsS0y6ltc0k5H1lNdokDdC6nerc1IsYUmmpQYeF9IcKxJpSFNNMTXw0SQCTpqrL3GtK6iFotNUJgPz+GTDCyl1tST3UHruMfRK21mpMWZky65mKSSDWsF0HHRuRcr1Se6PbAmLT3NxPwn19I92AxyUmgodYZKpuHyaluppxOulB3/7xV3t4NQy17R8eS9Ne6tL/u8vupA1Uv43Promp04R89rH23DLyVUPLvv6+kaBxXr8/XGCOOdImEsWhQZ1A04cL/0gaS1alyogJRmqLnkT38uZiGvKRzxHLT0YI65HNHnF7ITJQ4FJVlI7aeYPiIXlx6ISs0J7CG3SHcyElKyF5k7vNBBPeQSCLiKek5JSz0qw3Fegsum7aH6arcJV9dQO+gj5/N7Nd1MSU6fdAeqZWVok3VsqfzBgXeQuojRMdAcSWUISltSq0LalIT41+1Il80p9SyxH2S4S84VSM+mijZLlFf62yfEVjU1/kKaeNkb2n9HnujOHoW+6znmCpLIbVmXUC6qEcK2UQQOFTDvfs50eNT721dUs1ueOpP1PHnwi/SlTnrdvhDQbjSp1qfCCOJhZQn4syuz1w7LQIVeN1J305koFf0nnbwB10gQLudqtsoGRpsG5KqKJ7hc9wFI4gDymleN/vDaa3okhPK1fKvkaQJ1SZd6Dhtf+zyff2K5Q1CFEuIVwqnVJqfsKit4o59l5CisUeV8VIzeNcgKmnq1C1174JhUS4Zjs9LKzsukV4V9fiFpqLp6YJ7SJ6XfDylLzV3wk2VT1yikmhhnT2h9LJjFJ4zDzqlq4JKlKyJ+UZictdcotG246KaZIqWQVrCcpI! PL+nPSL+S5kDo277vt122hUU23qJ+TgO8/QRnvk+jvVWJ6Pv5Mxy5TfMTbxHDjB+4vVClp DaBWw3spoXPnPytIPipVof7Z7ICJMhvCtd07/ABG0+W3y+J7IV0ulmVSVVWWjZRucvZenOFdehMd6P50obLeQpC1lSVpcqFWRRFtOPGl+EWESiWf7PebaC1CsusqRmHNPiCLKvqNK0h7XFBlUlVdaClPX3tDDrbXsxk0OSs4oKTTZZi2TRSSPiFdRwINxqNYy1p/tAcs9Zh9a98caFJBqgGnGleFeR4wJxFzGtq15RNAQsSEy5TdsfoD/ALcYUHLfEpDLUqVVRUAkAW7eXV4698aKsquYbF9kfRVp2VmZt5AUmuRuum7dRt9o+UfyuXzEQ2/FTQH05xhlx9Mq23lbYSE0G6qvxKOUnXhXSLfhr9kOSWfVOPBrJtFFCz1DrQX489OHGN4z0ybuFFgsNusqNWt1xvjTnbgdK84zVjA1Rs2fdKpzFbm0WPnrv9m6NOceVi7wfDk4hOvPPLal0JO8coSlCeATY3Og4mFZkYeY3IyvujZk07dT5yZyndG7kSEVvuipJNOJ0EGiVaSmLYIpKUIzJWyhopISQQFZfmFTvbxKT1VaRbRYJlGYUoAJrdJI/wDE/wA41Zl6VewroujFEPtlxDOZtwtqV/1B/h/5hcE1jC8k5MG8YRJqk6xcnE5KnNnwSlViOZ5/g8IEILcKZbZQpx4glW7l6x/PbFdYyM5zEUtSWcFKSfr37t9Yq6x5MSCEOsziZdSm85CHEZUih2qlKyZqGpvQlWiRakXnos9AGG1YdgbbTVAlLYbqnXPqtVr7xuOenZHwKZ7Wbz1DC3SDBi49t0qOZYvrX/NxtqdY+01tnhh5qT8y0wnOFl4FKNwJooFX8ZURQcbAnhreNfWWdlAw7EXmVhQFRW/8Q7eNuRg9oebBwfGG8QTMTE2wE+5yu0OQZeoMqFZDTXdTQcKqJjMTUUXdHcf6PrkFB1Di5kLzJaSndf3aAZjZtKdVKUe6sJdJemRLP9JJuY2bctJyjLKE! pQkbWqafH1SK14i1u+HMVyM5Kzam0pflWWkrOXaS5SWwa7qspv2GgqIWkNgfpVhhlsTfa+Ut6fxpzcftWNjSfBtpP2cY1MSTOdtSkpOtOz8G1ReMzyRo2suIc41Prvi9MPgvGutY85q3amj1ian+XrwhXB9Xk+8iZZGUFJSKkVypHOhr5iAV9iSP/Zy0j9oID9NkEOONp5qpQa0PbS3lFTz+j3H7aQ6TTrrbWRF8xP31pr9RWPl/FDT3kmZXG00O0TWlu3x8bxtZqo9CWITcndS0BSldVCbn7CvnY6xdViSsg5tpsu1LCWQvkakfU8+Qi1mSzUnRBp11uYalm6JOWuc0QlNN41sd7TLmy0uRwjNSqLEx0r6IY21MkLZSGgnOlTW62tB4gJAG7xAJOto1lbQQHUh0VU1JOzzfvLOybbUhtRS8hxzNvoqmuTKi6SsArVpSEJkmefRuXemmXHC0UtVScpV1lU6yUk1T81KRmZNMf9N2s/SmbCUlaGVMpXb/ALSa6+WutI3FP8mlhLIMuoN8A2nMkWub/wBO+EbAM3JcjSm0pIUTpAkzNlsAVlBW6hBN8tM1O8jyijm61xwEjl610Zj+k5PVoF2dx9pfO0SUVBSd31/KIoiiaxp95H7wiuWml/PjzivihvQnMuIaASmq1HX+I9t/pWLSIVqTIIyL2hyqcPPRI5Dy7RELSZhfpmPdXg4UJWlWqFVUEngQk/L1hltXnCuaJr0B6NS+FuYM0rZvF15a84ClNpUn4RtMpyDUnUk2EZyWemTAw2QcRiTmFTF5ScZM3KAuBzIpNnmkOdvW7T9YdANL/hQBClNpRlUGwodXaK0uEnhxFIUTBuLyjaMqUJRVpzIrLYDLqn6DWlqawkg88ZqRozMzxpWemVlJXuqJqpe6DqimUIV86a6ExuN9IFYG3q7XPqqhJ62vGGPy4RTTSuUXkrIwGJRzKFZT/Pv52in1ZC1Mk/s7vIob2VWn! 0F4pdNq+afNEIzVCRaDQ8Glruew1i1JPpK/ira9O0/N/SIuuOxWTU1/9vRiYQvwaTnn1/w B22RVc5VnMT2UAPfSFbTA61VheJKyuLl1EOLCAUbwzEdXKDXu4QDx+SbTXQvGVsPKkJyY90KaIyzSFN0roM4smvAGxF4rbEzn6TPPsS7U2r/m4XNIXYpKXGl7q0pKeCkHMeAPOEazqvM7EukM2hLWUryOlNyq6hQUUrKfh4XFaUhOZFAmMTiJaUmpt9RcCEKUco3lAnfHHf+EZteJgUeZdefGM9KXcRnS8hBblkrytNKUCpCeBVlCUlVLUTRKeqkUqT9E648nvzMs00ClVVvV2nNI/J1rwirwMinG1J4U9dsXa4TBNrylJvw19acuMDwxr7w6XdcWSnOclzl19fSOWGSHz+9oiu6ONj+n8RCHkJS696oKC7y1K1UKkcNB64xGXRhNKcThbz1AFZ0oBzCu/1iATU003erWp1EL19kJI6VnX2F5mXFtKoRmQopNDqLHjpSNYE0dgvtQnGNkiZYZmWW1hVB+6cqE5RvJBFr2KbxmZ4oTaM/tm6OvtTHveDOOuTM1LKWmrakhiXG6MyqFS1aKTRKaXBtSK34v2igYbjSMRwecS0lbbRdcCG17wbY6+yz/K2TlQTSqdYo7VySZ+yk7tPd0qACUst5hxAy5kkgU13eApFVKCXiOHMz0ouSeWZdp5BClV6qfgUa36+U5b1vWkcrPl558410bncODG3S1lcTZTdxmRYpV/GetUcNI+ibqZYuv11+nr8wyOY7zSFCtK9tPxy5RmtWoSewyt0m/r13RZxZFQ/wB5aVbN3iG3hRLlLgJShSndVHsHyjzhCTAPdUELPKsWiCwT1+daH1+YWdNQOybuHrZFDNbF8JzJSQM5RTJmUnKaJoVipGmU1qOQrpZYUg1obHiDr43jVhOdI88lIYWb0N9O31pANSbm6Ays03hsyjKoIfaWb6VFrV5j6GkfPuT2UO1547WxNmU7TerU9X4bmtrfiKdBeTeEYpM4c8WVuJzUyml1lI6thXIezje! PVQZIxqZnVs7CZStNrVuAtH0rXvoQKxqIdZ/fQR+YvYMG2Jm1/X356RksXmu7bYWqp3e45vXKJvLtElXiDr9vXjAEUlGFuqTVrLn0BSKG/CmvZw74lqJVYzgUxL7zjZRU9WoVl+x8DeNBFi6kSw4nIF/FdKuBH9OMEky4LG/mO0SUGzid7LfiOzsMFTEbM4h0/v5dqb69VJ3XTX4idd3UDjfnHig2lcK6IqcrNpxiSbzJ6iUubuSquugbylUSkVIANbgQPtIZ99CsBwyaWw6zLuIZZTmWZpCMyngpWRLZBNGEINVlQqtzUmgEUtpQN/FHkhKmWUhDZOW2gbQNaAdZRuAm1KxnSKs/ZDjeHmdWCkrNGW/iv/iLpe/WANLX7II41s5PrwfBlTrq2jMNNIb2ahurzJra9/1WrAvt5gtOJIx33lx1lLS20hwFHWr2Chr+njwNou8AZG6SyDzD1es2bJUBbuPaI0VZMi5MsBUmqqn165xltafEMtqScwzDy8IYL4ImJ4oF0oPKo/29c4GGsJPFdm6pYGWoNALivj308ogWUU3OPPLJIBCjavD1qbQ4kIXcEbcw8hvP7xRK05wAA6NUtqBoUOJsDa8EiQdJiUngnMlKcq60roUkcKH7EGHphY6JJKRZffSClKa3K6qSP9Ir9hSAkm+sC6N4kmRztvzS2PlzNTCECmpS6gkV4EKqBYxn7SRELypeWZO1ogAZ1ZhQkfpT8A1A58IroAKTDOmGHTGIu59xtkgt2zld76WTQaVoAKxdTVwFdLvaMVTbgk6+76ZaApqOVPtUQ/WjzPE103xKZa2My8641ly5TfdHUrx3e+LaKDhhjGHWQQ2VJSrUCw8PD6wXEn4vGH1JUCapX1greHj56xHHDo2m6Sbnjbh2/wDyI+etZqMU1+HXTKfWnoRZEJDzqk1Kan7fiHCaksTqnu0ht4SNSinFoQK31KeA4m3Lx0gIbTeAYRvJIFUFKRU! kZKdxIPfxpFfMgKf2lYThSGG1hoNvZqbRISlZ/UpI30cgQSDeHaWRY4l1vB2rayeHI+HnF 1JvGl5Hp5ictJpl2iU9auc7t/0mp+appGexDqS2IYnic0twvzCiFa0NE05ISPMmsaGCuFwiWFSkKOU+ufnDqK5ZlkVABoDbs8IW1ISpw6VpvZxX4hlPlTWA6i4NyDal7NKq/JXd+nG/ZHdLrBWCPilGVGulN6p+kc1N/9k= krbpwdpolicyreference: cn=global_policy,cn=EXAMPLE.COM,cn=kerberos,dc=example,dc=com mepmanagedentry: cn=bbanner,cn=groups,cn=accounts,dc=example,dc=com objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry [root@ds01 ~]# Any ideas? I think getting this working via ipa user-mod would be a better option as I don't like having people using the Directory manager account when they don't need to. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSoZRwAAoJEAJsWS61tB+qsHsP/0m6PsFOjTEcCg7LJFV4DXiE fQHkeVXupApSa/OhutAxfQWt827EUhjwXmijEZ/zx2nvEMHT35LKV+ahuUAK3vqR IK18AjaoC9dRDX8jeth6r+iAT54D4eTywbs/SofjduQRmFE3/Hn+x0haXmKgTLhW khSIGvSuai7kdnKPuthhwtMclBLZxvLfSzmr5auJ7J8bn/2ThLvJVdWzgafIk+3l 5oWSqzeU+TFJP/m8abM45DMWsytBcvAxV9QmPouKUhHzrAkQnycP5+74+DfQMGGe 2SVpYTDWToB3yH/kziaiKSnqiSbmOBAmzo3BvdMjb6Dl3xWtxe1nqWjE+w+lC0NM zndPF2SKw7G4Tj0voykJeg3LlgjI7Sc+RvMmQ6PhoZ5oTgHDyl6GSw/IRpzJU7KY j2nS83HTgeAoRpruIb8brkt8bgt8FJ+bbiq8qCpS7ZU15h+2e+z+vw5c0R4IktY8 skKYHc8p3r34J8LHUTbWrjMgHRxMCDTMs7X/dccD3cKspLFiwjjlJWa080XIvkLl A1B0y4qzQqD9GyQoFqZOQY1RElVvfJqoTbGsZ0W8IGkoyWsDiek8J/dNhSTVyig6 hXJ5fGHGYrGRNm32re2uA4vzBK+JWzmzNHxUNy4JYvfhPP7yPgcO/cjV2QBJ9Su3 huHeBHif6xVk32enSqAR =sy64 -----END PGP SIGNATURE----- _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users