Well, I needed to set IPA to authenticate HP iLO users via LDAP. But iLO asks for cn not uid. So I change in compat tree uid to cn and that's ok. But also, I have to have memberOf attributes with user groups and they are available on standard schema not the compat. I managed to modify user entry in compat tree and add memberOf attribute with proper group but I want to do it automatically.
PS. I also have tacacs and other devices authenticated with IPA and they works just fine. 2015-06-02 12:12 GMT+02:00 Jakub Hrozek <jhro...@redhat.com>: > On Tue, Jun 02, 2015 at 11:45:44AM +0200, Vangass wrote: > > Hi, > > > > Is it possible to copy all of "memberOf" users attributes from > > cn=users,cn=accounts,dc=example,dc=com > > to cn=users,cn=compat,dc=example,dc=com? > > > > If yes, how can I do this? > > No, the compat tree uses a different schema. > > Why do you need this? > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
