On Mon, Mar 20, 2017 at 05:23:31PM +0100, Iulian Roman wrote: > Hello, > > We do plan to integrate IPA with IdentityIQ (sailpoint) for user > provisioning. Because IPA does abstract all the ldap commands via new set > of commands and APIs, i am not sure if the standard ldap connector is the > right option and if it is supported ( taking into consideration that a > simple user creation does update/create more ldap containers). > > Could you please clarify if updating IPA via standard ldap commands is > supported but not necessarily a best practice or it is an absolute NO ? > > Thank You !
> -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project Hello! We have staging area for this purpose. You can create and update user entries there and once the entry is complete you can call stageuser-activate to create user entry with using values from stageuser entry. You can find description of the feature and examples on design page .  http://www.freeipa.org/page/V4/User_Life-Cycle_Management -- David Kupka
Description: PGP signature
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project