[Freeipa-devel] Supported Staged entries
thierry bordaz
tbordaz at redhat.com
Tue May 27 13:24:31 UTC 2014
On 05/27/2014 03:10 PM, Simo Sorce wrote:
> On Tue, 2014-05-27 at 14:59 +0200, thierry bordaz wrote:
>> Now if an entry was not created by FreeIPA CLI ('ipa user-add
>> --stage') it could be impossible to update/unstage the entry with
>> FreeIPA CLI .
>> For example with those two entries. 'ipa user-mod TestUser --stage' or
>> 'ipa user-unstage TestUser' are unable to select the correct entry
>>
> Keep in mind that use case #1 for the staging are is "non-freeipa"
> provisioning systems. So it is pretty much granted in the large majority
> of cases entries will not be created by freeipa tools, which is why I
> also do not want to "move" them, but only use them as templates for
> actual user creation.
>
> Simo.
>
Ok. Good to know, I was thinking 'non-freeipa' provisioning to be a
corner case and I was wrong it is the common case.
Now to make a user active, 'ipa user-unstage tuser' will be the unique way.
To be able to select the appropriate entry, I think we need to limit the
RDN attribute to 'uid'.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140527/cb3eb813/attachment.htm>
More information about the Freeipa-devel
mailing list