<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 04/25/2013 09:54 AM, Martin Kosek wrote:
<blockquote cite="mid:517935A4.5070803@redhat.com" type="cite">On
04/25/2013 12:37 PM, Petr Viktorin wrote:
<br>
<blockquote type="cite">On 04/23/2013 10:10 AM, Martin Kosek
wrote:
<br>
<blockquote type="cite">This new freeform host attribute will
allow provisioning systems
<br>
to add custom tags for host objects which can be later used
for
<br>
in automember rules or for additional local interpretation.
<br>
<br>
Design page:
<br>
<a class="moz-txt-link-freetext" href="http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems">http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems</a>
<br>
Ticket: <a class="moz-txt-link-freetext" href="https://fedorahosted.org/freeipa/ticket/3583">https://fedorahosted.org/freeipa/ticket/3583</a>
<br>
<br>
-----
<br>
<br>
This is how it can be used:
<br>
<br>
# ipa hostgroup-add webservers
<br>
Description: web servers
<br>
----------------------------
<br>
Added hostgroup "webservers"
<br>
----------------------------
<br>
Host-group: webservers
<br>
Description: web servers
<br>
<br>
# ipa automember-add --type=hostgroup webservers
<br>
----------------------------------
<br>
Added automember rule "webservers"
<br>
----------------------------------
<br>
Automember Rule: webservers
<br>
<br>
# ipa automember-add-condition --key=userclass
--type=hostgroup
<br>
--inclusive-regex=^webserver webservers
<br>
----------------------------------
<br>
Added condition(s) to "webservers"
<br>
----------------------------------
<br>
Automember Rule: webservers
<br>
Inclusive Regex: userclass=^webserver
<br>
----------------------------
<br>
Number of conditions added 1
<br>
----------------------------
<br>
<br>
<br>
<br>
# ipa host-add web.example.com --force --class=webserver
--class=mailserver
<br>
----------------------------
<br>
Added host "web.example.com"
<br>
----------------------------
<br>
Host name: web.example.com
<br>
Principal name: <a class="moz-txt-link-abbreviated" href="mailto:host/web.example.com@EXAMPLE.COM">host/web.example.com@EXAMPLE.COM</a>
<br>
Class: webserver, mailserver
<<<<<<<<<<
<br>
Password: False
<br>
Member of host-groups: webservers
<<<<<<<<<<
<br>
Indirect Member of netgroup: webservers
<br>
Keytab: False
<br>
Managed by: web.example.com
<br>
<br>
<br>
Martin
<br>
<br>
</blockquote>
<br>
I was surprised to find that host-show doesn't show it by
default. Is there a
<br>
reason to not put userclass in default_attributes?
<br>
<br>
Please add a test.
<br>
<br>
</blockquote>
<br>
Fixed. Updated patch attached.
<br>
<br>
Martin
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Freeipa-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre>
</blockquote>
<br>
Can we use this patch to create a HOWTO on how to add and LDAP
attribute to IPA?<br>
Also we have, I suspect a lot of metadata about attributes encoded
in the framework, right?<br>
Why can't we use some kind of the data file(s) for it? This way one
can add attributes dynamically and the framework would pick them up.<br>
It is clear that it would have to be done on all replicas but still
it would not require people to change the code - only configuration.
Have we ever thought about this?<br>
<br>
<pre class="moz-signature" cols="72">--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
<a class="moz-txt-link-abbreviated" href="http://www.redhat.com/carveoutcosts/">www.redhat.com/carveoutcosts/</a>
</pre>
</body>
</html>