On Mon, Mar 20, 2017 at 05:23:31PM +0100, Iulian Roman wrote:
> Hello,
> 
> We do plan to integrate  IPA with IdentityIQ (sailpoint) for user
> provisioning. Because IPA does abstract all the ldap commands via new set
> of commands and APIs, i am not sure if the standard ldap connector is the
> right option and if it is supported ( taking into consideration that a
> simple user creation does update/create more ldap containers).
> 
> Could you please clarify if updating IPA via standard ldap commands is
> supported but not necessarily a best practice or it is an absolute NO ?
> 
> Thank You !

> -- 
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project

Hello!

We have staging area for this purpose. You can create and update user entries
there and once the entry is complete you can call stageuser-activate to create
user entry with using values from stageuser entry.

You can find description of the feature and examples on design page [1].

[1] http://www.freeipa.org/page/V4/User_Life-Cycle_Management
-- 
David Kupka

Attachment: signature.asc
Description: PGP signature

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to