[Freeipa-users] ipa user/group-mod --setattr can't remove objectclass
Stephen Ingram
sbingram at gmail.com
Tue Oct 4 05:03:33 UTC 2011
Rob-
I think this works. I'm not totally sure because I keep getting
strange schema violation errors. Perhaps it is the way each --setattr
option is evaluated by the directory. I'm going to have to dig deeper
to find out.
Needless to say thought, a --delattr option would make it much easier
to say quickly remove an objectclass or one of a list of email
addresses.
Steve
On Mon, Oct 3, 2011 at 12:05 PM, Rob Crittenden <rcritten at redhat.com> wrote:
> Stephen Ingram wrote:
>>
>> Rob-
>>
>> I tried that, but I couldn't figure out the correct format:
>>
>> ipa user-mod --setattr=objectclass=oc1, oc2, oc3
>>
>> ipa user-mod --setattr=objectclass=oc1 oc2 oc3
>>
>> ipa user-mod --setattr=objectclass=oc1, objectclass=oc2, objectclass=oc3
>>
>> and some others. Nothing seemed to work all reporting that multiple
>> arguments were not supported.
>
> This should work
>
> ipa user-mod --setattr=objectclass=oc1 --addattr=objectclass=oc2
> --addattr=objectclass=oc3 ...
>
> rob
>
>>
>> Steve
>>
>> On Mon, Oct 3, 2011 at 11:48 AM, Rob Crittenden<rcritten at redhat.com>
>> wrote:
>>>
>>> Stephen Ingram wrote:
>>>>
>>>> I've successfully used ipa user-mod --setattr to remove custom
>>>> attributes that I've added by simply setting the attribute equal to
>>>> nothing. However, it does not work in the case of objectclasses since
>>>> there are several and the command does not support multiple arguments.
>>>> I've seen references to --delattr in older v1 documentation.
>>>> Obviously, this could be easily accomplished with an ldapmodify
>>>> command, but it would be nice to have directly in ipa. Is this already
>>>> supported and I simply don't know the correct command?
>>>>
>>>> Steve
>>>
>>> There is currently not a delattr equivalent in v2 though we are looking
>>> into
>>> it.
>>>
>>> What you'd need to do is a setattr with the full list of objectclasses
>>> you
>>> want it to be set to. This will replace the current value(s).
>>>
>>> rob
>>>
>
>
More information about the Freeipa-users
mailing list