[Freeipa-devel] [PATCH 0061] Ensure ipaUserAuthTypeClass when needed on user creation
Nathaniel McCallum
npmccallum at redhat.com
Wed Aug 20 13:48:21 UTC 2014
On Wed, 2014-08-20 at 14:35 +0200, thierry bordaz wrote:
> On 08/19/2014 10:46 PM, Nathaniel McCallum wrote:
>
> > Also, remove the attempt to load the objectClasses when absent. This
> > never makes sense during an add operation.
> >
> > https://fedorahosted.org/freeipa/ticket/4455
> >
> >
> > _______________________________________________
> > Freeipa-devel mailing list
> > Freeipa-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/freeipa-devel
> Hello Nathaniel,
>
> Reading the patch I have one novice remark. In the previous
> code, 'objectclass' was added to 'entry_attr' in the case it
> was missing in 'entry_attr' (at the condition
> 'ipatokenradiusconfiglink' was defined). In the new code, if
> 'objectclass' is missing it is not added. Is it ok ?
I don't think objectClass is ever missing. It must be specified in an
add operation. Attempting to load the attribute doesn't make sense when
you are adding the object.
> Also, regarding the 'user life cycle'. Staging users are
> candidate to become Active users. I wonder if Staging users
> should also contain your fix that add the
> ipaUserAuthTypeClass.
What code is this in?
Nathaniel
More information about the Freeipa-devel
mailing list