[Freeipa-users] Change default email format
Alexander Bokovoy
abokovoy at redhat.com
Wed Aug 5 19:29:15 UTC 2015
On Mon, 03 Aug 2015, Justean wrote:
>Good morning, I was wondering if there is a way to change the way
>freeipa builds a user's email address by default. Currently it takes
>the username and appends the domain name but I would like it to take
>the form firstname.lastname at domainname.com
It is not possible to redefine email's format via configuration so you
need to write some code. Luckily, you can amend existing code without
touching it.
Below is an example:
-----------------------------------------------------------------------
/usr/lib/python2.7/site-packages/ipalib/plugins/user-ext-mail-format.py
-----------------------------------------------------------------------
from ipalib.plugins.user import user_add
def override_default_mail_cb(self, ldap, dn, entry_attrs, attrs_list, *keys, **options):
if not 'mail' in entry_attrs:
name = {'givenname': entry_attrs.get('givenname').lower(),
'sn': entry_attrs.get('sn').lower()}
mail = "{givenname}.{sn}".format(**name)
entry_attrs['mail'] = self.obj.normalize_and_validate_email(mail)
return dn
user_add.register_pre_callback(override_default_mail_cb, first=True)
-----------------------------------------------------------------------
What this Python code does? It adds a callback to user-add method in IPA
that is run before other callbacks (first=True). The callback is then
checks if mail attribute was already specified by the administrator
when calling 'ipa user-add' (Web UI calls this for you). If not, it
derives mail format from lower-cased versions of first and last names of
the user (known as 'givenname' and 'sn' attributes in LDAP
correspondingly). It then sets mail attribute to a full email format via
self.obj.normalize_and_validate_email() function which will pick up the
default DNS domain value and construct correct email.
You need to maintain this plugin extension on all IPA masters used for
creating users. Best way to do that is by packaging the plugin in an RPM
and installing it on IPA masters.
You also need to restart httpd service on IPA master to apply the
plugin.
It is used like this:
# systemctl restart httpd
# ipa user-add some.user --first Some --last User
----------------------
Added user "some.user"
----------------------
User login: some.user
First name: Some
Last name: User
Full name: Some User
Display name: Some User
Initials: SU
Home directory: /home/some.user
GECOS: Some User
Login shell: /bin/sh
Kerberos principal: some.user at EXAMPLE.COM
Email address: some.user at example.com
UID: 1634400022
GID: 1634400022
Password: False
Member of groups: ipausers
Kerberos keys available: False
# ipa user-add another.user --first Another --last User --email a.user
-------------------------
Added user "another.user"
-------------------------
User login: another.user
First name: Another
Last name: User
Full name: Another User
Display name: Another User
Initials: AU
Home directory: /home/another.user
GECOS: Another User
Login shell: /bin/sh
Kerberos principal: another.user at EXAMPLE.COM
Email address: a.user at example.com
UID: 1634400021
GID: 1634400021
Password: False
Member of groups: ipausers
Kerberos keys available: False
Command line options and LDAP attribute names are not always the same.
You can use 'ipa show-mappings user-add' to see how CLI options map to
LDAP attributes.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list