[Freeipa-users] ipa user/group-mod --setattr can't remove objectclass
Rob Crittenden
rcritten at redhat.com
Mon Oct 3 18:48:46 UTC 2011
Stephen Ingram wrote:
> I've successfully used ipa user-mod --setattr to remove custom
> attributes that I've added by simply setting the attribute equal to
> nothing. However, it does not work in the case of objectclasses since
> there are several and the command does not support multiple arguments.
> I've seen references to --delattr in older v1 documentation.
> Obviously, this could be easily accomplished with an ldapmodify
> command, but it would be nice to have directly in ipa. Is this already
> supported and I simply don't know the correct command?
>
> Steve
There is currently not a delattr equivalent in v2 though we are looking
into it.
What you'd need to do is a setattr with the full list of objectclasses
you want it to be set to. This will replace the current value(s).
rob
More information about the Freeipa-users
mailing list