[Freeipa-users] Non-human users
John Dennis
jdennis at redhat.com
Fri Feb 15 21:02:23 UTC 2013
On 02/15/2013 03:57 PM, Orion Poplawski wrote:
> On 02/15/2013 01:56 PM, John Dennis wrote:
>> On 02/15/2013 03:46 PM, Simo Sorce wrote:
>>> This is an interesting use case, it would probably be appropriate to
>>> have a RFE filed to allow to create ipa users marked as 'non-person' so
>>> that they are not assigned the person objectclass.
>>
>> Yes, that addresses one large component of the problem. But the part of the
>> requirement is not to have non-humans show up in every client (e.g. mail
>> clients) that support LDAP directory lookups. That means they have to modify
>> the filter on every client. That's a tall order :-(
>>
>
> Actually, this would cover it. The LDAP address book searches look for
> attributes that the *person objectclasses provide. Without them, they are
> excluded.
Interesting, before I replied I checked the filter in my Thunderbird
client and it's set to (objectclass=*). I don't know if I modified it as
some point or if it's the default, I assumed it's the default. I suspect
it's the default filter for many clients.
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list