[Freeipa-users] Provision user accounts & groups from external IM

Willem Bos whbos at xs4all.nl
Tue Jun 5 11:59:44 UTC 2012 

Thanks, you probably saved me some time/frustration ;-)

On Tue, Jun 5, 2012 at 1:14 PM, Petr Viktorin <pviktori at redhat.com> wrote:

> On 06/05/2012 12:51 PM, Alexander Bokovoy wrote:
>
>> On Tue, 05 Jun 2012, Willem Bos wrote:
>>
>>> Hi Alexander,
>>>
>>> Thanks for your quick response.
>>>
>>> Yes, the server on which the external IM environment is hosted does not
>>> have the ipa utils available. As a matter of fact, the server might
>>> even be
>>> hosted off-site. We're just beginning to explore IM solutions for our
>>> environment and the most likely architecture is a 'meta-IM' service that
>>> provisions platform specific IM's like AD, Oracle's Internet Directory
>>> and
>>> IPA. It will probably be a requirement that the meta-IM is to
>>> provision IPA
>>> directly (instead of Meta-IM -> AD -> IPA).
>>>
>>> The JASON interface looks promising, I will certainly try the example
>>> provided. Would user_add be the suitable command to use? It's the obvious
>>> candidate, but I just want to make sure...
>>>
>> Yes, user_add is the command.
>>
>>
> Also note that the RPC calls use LDAP attribute names, which are often
> different from the CLI parameters. You can use the show-mappings command to
> figure out the names to use:
>
> $ ipa show-mappings user-add
> Parameter   : LDAP attribute
> =========   : ==============
> first       : givenname
> last        : sn
> cn          : cn
> displayname : displayname
> initials    : initials
> homedir     : homedirectory
> gecos       : gecos
> shell       : loginshell
> principal   : krbprincipalname
> email       : mail
> random      : random
> uid         : uidnumber
> gidnumber   : gidnumber
> street      : street
> city        : l
> state       : st
> postalcode  : postalcode
> phone       : telephonenumber
> mobile      : mobile
> pager       : pager
> fax         : facsimiletelephonenumber
> orgunit     : ou
> title       : title
> manager     : manager
> carlicense  : carlicense
> sshpubkey   : ipasshpubkey
> noprivate   : noprivate
>
>
> Be careful as there currently are no warnings if you misspell an argument
> (we're working on that).
>
> --
> Petrł
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120605/42bfd826/attachment.htm>

More information about the Freeipa-users mailing list