[Freeipa-devel] [PATCH] Add a new user-add flag param to disable the creation of UPG.
Rob Crittenden
rcritten at redhat.com
Mon Mar 28 21:05:19 UTC 2011
Pavel Zůna wrote:
> This patch handles the issue in a kind of stupid way, but I couldn't
> think of anything better.
>
> It adds a new flag parameter to user-add (--noprivate). With this flag,
> the command marks the private group about to be created for deletion and
> is deleted after the user is created. The only exception is when there
> is a group, that is named the same way as the user, but isn't a private
> group - then the group is left there.
>
> Private groups are created automatically by the managed entry DS plugin
> and I didn't find a way to disable its creation for a specific user.
>
> Ticket #1131
>
> Pavel
I wonder if you can modify the originFilter entry in the Managed Entry
plugin and set something special so the user gets created w/o a group.
The trick would be getting the filter right. Currently it is
originFilter: objectclass=posixAccount
I wonder if we could stuff something else in there that would cause it
to evaluate false when we don't want a managed group.
rob
More information about the Freeipa-devel
mailing list