Re: [Freeipa-users] IPAv3.0 WebUI User Population
Does it just need the objectclass? Does it care if there are any values
assigned to the attributes underneath the posixaccount object class?
-Martin Basti wrote: -
To: Brad Cesarone
From: Martin Basti
Date: 08/03/2016 01:01PM
Cc: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] IPAv3.0 WebUI User Population
On 03.08.2016 19:58, Brad Cesarone wrote:
Hi Martin
I've been playing with adding objectclasses to the non-posix user. I have so
far added inetuser, ipaobject, ipasshuser. He started with top, person,
organizationalPerson, inetOrgPerson and two custom classes.
You need this 'posixaccount' according the source code of IPA 3.3.0
Martin
Nothing came up in /var/log/dirsrv/slapd-*/access when running the search but
in the /var/log/httpd/error_log there is the following entry:
user_find{u'', whoami=False, all=False, raw=False, version='2.49',
no_members=False, pkey_only=False}: SUCCESS
The command outputted
--
0 users matched
-
Number of Entries Returned 0
Thanks
-Brad
-----Martin Basti wrote: -
To: Brad Cesarone , freeipa-users@redhat.com
From: Martin Basti
Date: 08/03/2016 12:44PM
Subject: Re: [Freeipa-users] IPAv3.0 WebUI User Population
On 03.08.2016 18:38, Brad Cesarone wrote:
Hello All
I'm trying to figure out how the webUI populates the user page. I have a mix of
posix users and non-posix users.
The non-posix users were added using an LDIF and imported fine. I am able to
view them using ipa user-show, ldapsearch, and if I navigate to them using the
user details URL they show up. Groups are also able to find the non-posix users
and verify membership. I am just unable to use ipa user-find or see them in the
users page.
Hello, I'm afraid you may miss an objectclass in imported users.
Can you please run ipa user-find, and provide SRCH filter from
/var/log/dirsrv/slapd-*/access (I hope this is the right path on RHEL6.8)
Then please provide all objectclasses that have a random imported user
regards
Martin
I apologize if this has already been answered, I tried google-fu and it didn't
return anything useful.
Using IPA 3.0 on Redhat 6.8
Thanks
-Brad
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] IPAv3.0 WebUI User Population
Hi Martin
I've been playing with adding objectclasses to the non-posix user. I have so
far added inetuser, ipaobject, ipasshuser. He started with top, person,
organizationalPerson, inetOrgPerson and two custom classes.
Nothing came up in /var/log/dirsrv/slapd-*/access when running the search but
in the /var/log/httpd/error_log there is the following entry:
user_find{u'', whoami=False, all=False, raw=False, version='2.49',
no_members=False, pkey_only=False}: SUCCESS
The command outputted
--
0 users matched
-
Number of Entries Returned 0
Thanks
-Brad
-Martin Basti wrote: -
To: Brad Cesarone , freeipa-users@redhat.com
From: Martin Basti
Date: 08/03/2016 12:44PM
Subject: Re: [Freeipa-users] IPAv3.0 WebUI User Population
On 03.08.2016 18:38, Brad Cesarone wrote:
Hello All
I'm trying to figure out how the webUI populates the user page. I have a mix of
posix users and non-posix users.
The non-posix users were added using an LDIF and imported fine. I am able to
view them using ipa user-show, ldapsearch, and if I navigate to them using the
user details URL they show up. Groups are also able to find the non-posix users
and verify membership. I am just unable to use ipa user-find or see them in the
users page.
Hello, I'm afraid you may miss an objectclass in imported users.
Can you please run ipa user-find, and provide SRCH filter from
/var/log/dirsrv/slapd-*/access (I hope this is the right path on RHEL6.8)
Then please provide all objectclasses that have a random imported user
regards
Martin
I apologize if this has already been answered, I tried google-fu and it didn't
return anything useful.
Using IPA 3.0 on Redhat 6.8
Thanks
-Brad
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
[Freeipa-users] IPAv3.0 WebUI User Population
Hello All I'm trying to figure out how the webUI populates the user page. I have a mix of posix users and non-posix users. The non-posix users were added using an LDIF and imported fine. I am able to view them using ipa user-show, ldapsearch, and if I navigate to them using the user details URL they show up. Groups are also able to find the non-posix users and verify membership. I am just unable to use ipa user-find or see them in the users page. I apologize if this has already been answered, I tried google-fu and it didn't return anything useful. Using IPA 3.0 on Redhat 6.8 Thanks -Brad-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Sync & BaseDN change
Hello I hope this finds the right thread because the original thread was replied ot the list and not my email... I need to sync to another ldap directory which has a different SUFFIX than IPA sets up. I successfully imported from our OpenLDAP to IPA but I still need to sync with a separate master ldap server. So the provider server suffix is dc=example,dc=com. This suffix is different than the DNS suffix and there is no kerberos realm to match too for the provider side. IPA server suffix is dc=domain, dc=com. So the two options I see is create a script which connects and compares both ldaps ensuring it can match to different suffixs or some how change the suffix of the originally installed -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Sync and BaseDN
Whoops sorry about that. I didn't know my original question posted. The reply went to the mailing list only and not my other email. I'll keep the original going in the original thread as much as possible. Thanks! -Rob Crittenden wrote: - To: Brad Cesarone , freeipa-users@redhat.com From: Rob Crittenden Date: 07/08/2016 12:14PM Subject: Re: [Freeipa-users] Sync and BaseDN Brad Cesarone wrote: > Hello > > I have a few questions > 1) Is it possible to sync/replicate with another ldap server? i.e Oracle > Identity Manager > 2) If #1 is true, is it possible to sync with two different suffixs? > 3) Is it possible to either install IPA with a custom ldap Suffix or > change the suffix once it is created? > https://www.redhat.com/archives/freeipa-users/2016-July/msg00091.html-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Sync and BaseDN
Hello I have a few questions 1) Is it possible to sync/replicate with another ldap server? i.e Oracle Identity Manager 2) If #1 is true, is it possible to sync with two different suffixs? 3) Is it possible to either install IPA with a custom ldap Suffix or change the suffix once it is created? Thank you-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Sync & BaseDN change
Hello I have two questions 1) Is it possible to sync/replicate with another ldap server? i.e Oracle Identity Manager 2) If #1 is true, is it possible to sync with two different suffixs? 3) Is it possible to either install IPA with a custom ldap Suffix or change the suffix once it is created? Thank you -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
