[Freeipa-devel] User life cycle: How to update 60basev3.ldif
thierry bordaz
tbordaz at redhat.com
Mon Apr 20 08:25:40 UTC 2015
On 04/20/2015 09:10 AM, Petr Spacek wrote:
> On 17.4.2015 17:16, thierry bordaz wrote:
>> Hello,
>>
>> User life cycle uses a new DS aci right: moddn. This right comes
>> with two new target keywords (target_to and target_from).
>> permission plugins should support those new target keywords and so
>> those attributes need to be defined in the schema 60basev3.ldif.
>>
>> When adding new attributes in that schema, I should pick new OIDs.
>> Is it ok to pick the next ones available in ds-oids/08-FreeIPA.txt
> I would say that these ACI-related attributes should be assigned from DS-core
> OID arc (assuming that this ACI is not FreeIPA-specific and will be available
> in core 389 DS).
Thanks Petr.
I wanted to allow new FreeIPA specific attributes to the definition of
'ipaPermissionV2' objectclass.
So it is Freeipa-core OIDs.
My understanding is that when the patch on 60baseV3.ldif will be
reviewed, I will consequently update/push 08-FreeIPA.txt changes.
thanks
thierry
>
>> (rhanana) and what is review process for changes in 08-FreeIPA.txt ?
> Use your best judgment :-) Definitions will be reviewed later when LDIF with
> it is sent as a patch to freeipa-devel list.
>
More information about the Freeipa-devel
mailing list