[Freeipa-users] modify schema - add group email and display attribute
Sandor Juhasz
sjuhasz at chemaxon.com
Thu Jan 19 14:31:58 UTC 2017
Most probably i don't. At least i have never created one, neither did this http://www.freeipa.org/images/5/5b/FreeIPA33-extending-freeipa.pdf
refer anything like that.
How do i do it?
Sándor Juhász
System Administrator
ChemAxon Ltd .
Building Hx, GraphiSoft Park, Záhony utca 7, Budapest, Hungary, H-1031
Cell: +36704258964
From: "Alexander Bokovoy" <abokovoy at redhat.com>
To: "Sandor Juhasz" <sjuhasz at chemaxon.com>
Cc: freeipa-users at redhat.com
Sent: Thursday, January 19, 2017 3:22:34 PM
Subject: Re: [Freeipa-users] modify schema - add group email and display attribute
On to, 19 tammi 2017, Sandor Juhasz wrote:
>One more issue. Service user cannot see the new attribute. It does see the objectclass.
>
>ldif:
>dn: cn=schema
>changetype: modify
>add: objectclasses
>objectclasses: ( 1.3.6.1.4.1.49232.1.1
>NAME 'groupMail'
>SUP top
>STRUCTURAL
>MAY ( mail $ displayname )
>X-ORIGIN 'Extending FreeIPA' )
>
>Service user:
>uid=googlesync,cn=sysaccounts,cn=etc,dc=test,dc=tld
>
>Regular user:
>uid=admin,cn=users,cn=accounts,dc=test,dc=tld
admin is not a regular user.
>They both see objectclass=groupmail, but uid=googlesync does not birng back
>mail and displyaname, while using ldapsearch.
Do you have an ACI that allows to actually see the attribute?
--
/ Alexander Bokovoy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170119/52c9bb4a/attachment.htm>
More information about the Freeipa-users
mailing list