Re: [Freeipa-users] Copy attributes to compat tree

2015-06-02 Thread Vangass
Well, I needed to set IPA to authenticate HP iLO users via LDAP. But iLO
asks for cn not uid. So I change in compat tree uid to cn and that's ok.
But also, I have to have memberOf attributes with user groups and they are
available on standard schema not the compat.
I managed to modify user entry in compat tree and add memberOf attribute
with proper group but I want to do it automatically.

PS. I also have tacacs and other devices authenticated with IPA and they
works just fine.

2015-06-02 12:12 GMT+02:00 Jakub Hrozek jhro...@redhat.com:

 On Tue, Jun 02, 2015 at 11:45:44AM +0200, Vangass wrote:
  Hi,
 
  Is it possible to copy all of memberOf users attributes from
  cn=users,cn=accounts,dc=example,dc=com
  to cn=users,cn=compat,dc=example,dc=com?
 
  If yes, how can I do this?

 No, the compat tree uses a different schema.

 Why do you need this?

 --
 Manage your subscription for the Freeipa-users mailing list:
 https://www.redhat.com/mailman/listinfo/freeipa-users
 Go to http://freeipa.org for more info on the project

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] Copy attributes to compat tree

2015-06-02 Thread Jakub Hrozek
On Tue, Jun 02, 2015 at 11:45:44AM +0200, Vangass wrote:
 Hi,
 
 Is it possible to copy all of memberOf users attributes from
 cn=users,cn=accounts,dc=example,dc=com
 to cn=users,cn=compat,dc=example,dc=com?
 
 If yes, how can I do this?

No, the compat tree uses a different schema.

Why do you need this?

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project