I don't believe that the attribute is an OU.

try performing a:

ipa group-show engineering --all --raw

I believe that your automember rule wants to be cn=^Engineering

"You cannot hope to secure that which you do not first understand"
Jr Aquino
Manager Operation Services, Infrastructure and Application Security
GXPN | GIAC Exploit Researcher and Advanced Penetration Tester
GCIH | GIAC Certified Incident Handler
GWAPT | GIAC WebApp Penetration Tester

Citrix Systems, Inc | 7408 Hollister Avenue | Goleta, CA 93117
SaaS Division
T:  +1 805.690.3478

On Apr 30, 2014, at 2:10 PM, Dimitar Georgievski <mitk...@gmail.com> wrote:

> Hi,
> I am trying to create rules to place users in given user groups based on the 
> value of their ou (Organization Unit) field in their profiles. For some 
> reason it is not working, and I am trying to understand why. 
> The rule is very simple and looks like this
>  ipa automember-find engineering
> Grouping Type: group
> ---------------
> 1 rules matched
> ---------------
>   Description: Add automatically  Engineering users to engineering User Group
>   Automember Rule: engineering
>   Inclusive Regex: ou=^Engineering
> With this rule in place I would expect all the new users with ou=Engineering 
> to be automatically placed in the engineering user group.
> I am using FreeIPA v3.0.0 on CentOS 6.5 
> Thanks
> Dimitar 
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

Freeipa-users mailing list

Reply via email to