[Freeipa-users] Question regarding modifying attributes
Sullivan, Daniel [AAA]
dsullivan2 at bsd.uchicago.edu
Wed Apr 27 20:45:30 UTC 2016
Thank you.
Dan
> On Apr 27, 2016, at 3:00 PM, Alexander Bokovoy <abokovoy at redhat.com> wrote:
>
> On Wed, 27 Apr 2016, Sullivan, Daniel [AAA] wrote:
>> Hi,
>>
>> I have a trusted AD domain that I am enumerating object via IPA. I
>> wanted to know if i should be able to manipulate the uidNumber and
>> gidNumber stored in the default ID view via by using the ldapmodify
>> command, for example, for this DN (not local):
>>
>> uid=user at domain.edu<mailto:uid=user at domain.edu>,cn=users,cn=compat,dc=ipatst,dc=cri,dc=uchicago,dc=edu
>>
>> Should it be possible to modify this via IPA’s LDAP implementation
>> (using ldapmodify)? I appreciate you taking the time to answer my
>> question.
> No. The subtree in cn=compat,$SUFFIX is read-only and is generated every
> time you restart LDAP server.
>
> uid/gid in default ID View are managed via
> idoverrideuser/idoverridegroup set of commands.
>
> See 'ipa help idviews' for details.
>
> --
> / Alexander Bokovoy
********************************************************************************
This e-mail is intended only for the use of the individual or entity to which
it is addressed and may contain information that is privileged and confidential.
If the reader of this e-mail message is not the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is prohibited. If you have received this e-mail in error, please
notify the sender and destroy all copies of the transmittal.
Thank you
University of Chicago Medicine and Biological Sciences
********************************************************************************
More information about the Freeipa-users
mailing list