[Freeipa-users] json api docs
Martin Kosek
mkosek at redhat.com
Fri Sep 12 14:30:28 UTC 2014
On 09/12/2014 03:36 PM, Tamas Papp wrote:
>
> On 09/12/2014 02:47 PM, Martin Kosek wrote:
>> On 09/11/2014 02:06 AM, Dmitri Pal wrote:
>>> On 09/10/2014 07:10 PM, Tamas Papp wrote:
>>>> hi All,
>>>>
>>>> Is there an offficial API documentation available?
>>>
>>> Unfortunately not much. You can search archives and find some recommendations
>>> that helped people in the past.
>>> https://www.redhat.com/archives/freeipa-users/2013-January/msg00109.html
>>>
>>> We also have a ticket
>>> https://fedorahosted.org/freeipa/ticket/3129
>>
>> We also have a ticket
>> https://fedorahosted.org/freeipa/ticket/4233
>> targeted on FreeIPA 4.1 to see the actual JSON queries that "ipa" command
>> sends. It would make it easier to see how we use the API.
>
> Actually what is the recommended way to use ipa as a simple ldap backend for a
> service without kerberos?
> In fact the service does not need kerberos and things like that, but I like the
> helper tools of ipa, like ipa command, web UI, easy replication etc.
>
> Can I make trouble by writing the directory directly though ldap
> (add/delete/modify users + groups).
>
> 10x
> tamas
You can of course use FreeIPA only as an LDAP backend to your app, even though
Kerberos brings many advantages - but this is not what you asked :-)
If you are lucky and you set all the attributes correctly, you could add users
via ldapadd. But we do not recommend it as one can easily miss some change,
attribute or objectclass that ipa command does and other tool expects. So using
the API or ipa tool itself is a recommended way of communication.
However, note that we have a work in progress exactly on this feature, i.e. an
ability to add users via LDAP protocol and then have them processed by ipa
tools adding all required attributes and stuff. See tickets
https://fedorahosted.org/freeipa/ticket/3813
https://fedorahosted.org/freeipa/ticket/4445
and design page
http://www.freeipa.org/page/V4/User_Life-Cycle_Management
This work is planned for FreeIPA 4.2.
Martin
Martin
More information about the Freeipa-users
mailing list