<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">On 08/07/2014 02:21 PM, Chris Whittle
      wrote:<br>
    </div>
    <blockquote
cite="mid:CANyEwjQ1Yan16ndDqgH2K0j9-=4+pgmpCuhaaD2BQ8TxxWeqFw@mail.gmail.com"
      type="cite">
      <div dir="ltr">Thanks guys that works!</div>
    </blockquote>
    <br>
    <br>
    And what about HOWTO? ;-)<br>
    <br>
    <br>
    <blockquote
cite="mid:CANyEwjQ1Yan16ndDqgH2K0j9-=4+pgmpCuhaaD2BQ8TxxWeqFw@mail.gmail.com"
      type="cite">
      <div class="gmail_extra"><br>
        <br>
        <div class="gmail_quote">On Thu, Aug 7, 2014 at 12:22 PM, Lucas
          Yamanishi <span dir="ltr"><<a moz-do-not-send="true"
              href="mailto:lyamanishi@sesda3.com" target="_blank">lyamanishi@sesda3.com</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div text="#000000" bgcolor="#FFFFFF">
              <div style="font-family:Arimo,sans-serif">
                <div>
                  <div class="h5">
                    <p style="margin:1.2em 0px!important">On 08/07/2014
                      12:18 PM, Chris Whittle wrote:</p>
                    <div>
                      <blockquote type="cite">
                        <div dir="ltr">I'm currently working on a trial
                          with OKTA and have installed their server
                          agent with no issues.  Now I'm trying to map
                          FreeIPA attributes with OKTA's 
                          <div><br>
                          </div>
                          <div>I'm getting no entries found, which leads
                            me to think I'm missing something</div>
                          <div><img
                              src="cid:part2.05080401.07050604@redhat.com"
                              alt="Inline image 1" height="314"
                              width="454"><br>
                          </div>
                          <div><img
                              src="cid:part3.01050504.05080301@redhat.com"
                              alt="Inline image 2" height="307"
                              width="454"><br>
                          </div>
                          <div><img
                              src="cid:part4.06080807.03040708@redhat.com"
                              alt="Inline image 3" height="313"
                              width="454"><br>
                          </div>
                          <div>Thanks!</div>
                        </div>
                        <br>
                        <fieldset></fieldset>
                        <br>
                      </blockquote>
                    </div>
                  </div>
                </div>
                <p style="margin:1.2em 0px!important">The objectClass
                  values look incorrect. Try <code
                    style="font-size:0.85em;font-family:Inconsolata,Droid
                    Sans Mono,DejaVu Sans
                    Mono,Consolas,Monaco,monospace;margin:0px
                    0.15em;padding:0px
                    0.3em;white-space:pre-wrap;border:1px solid
rgb(234,234,234);background-color:rgb(248,248,248);border-radius:3px;display:inline">posixAccount</code>
                  and <code
                    style="font-size:0.85em;font-family:Inconsolata,Droid
                    Sans Mono,DejaVu Sans
                    Mono,Consolas,Monaco,monospace;margin:0px
                    0.15em;padding:0px
                    0.3em;white-space:pre-wrap;border:1px solid
rgb(234,234,234);background-color:rgb(248,248,248);border-radius:3px;display:inline">posixGroup</code>
                  for users and groups. Roles are <code
                    style="font-size:0.85em;font-family:Inconsolata,Droid
                    Sans Mono,DejaVu Sans
                    Mono,Consolas,Monaco,monospace;margin:0px
                    0.15em;padding:0px
                    0.3em;white-space:pre-wrap;border:1px solid
rgb(234,234,234);background-color:rgb(248,248,248);border-radius:3px;display:inline">groupOfNames</code>,
                  but that’s a little less specific and will match
                  non-role entries without a search base.</p>
                <p style="margin:1.2em 0px!important">You can easily
                  look up raw entries to check your mappings with
                  commands like these (the —all and —raw options are
                  available for all *-show commands, afaik):</p>
                <pre style="font-size:0.85em;font-family:Inconsolata,Droid Sans Mono,DejaVu Sans Mono,Consolas,Monaco,monospace;font-size:1em;line-height:1.2em;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Inconsolata,Droid Sans Mono,DejaVu Sans Mono,Consolas,Monaco,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:pre-wrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-radius:3px;display:inline;white-space:pre-wrap;overflow:auto;border-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em 0.7em;display:block!important;display:block;padding:0.5em;background:none repeat scroll 0% 0% rgb(35,36,31);color:rgb(248,248,242)">ipa user-show --all --raw $USER_NAME
ipa group-show --all  --raw $GROUP
ipa role-show --all --raw $ROLE
</code></pre>
                <p style="margin:1.2em 0px!important">Or pure ldaputils:</p>
                <pre style="font-size:0.85em;font-family:Inconsolata,Droid Sans Mono,DejaVu Sans Mono,Consolas,Monaco,monospace;font-size:1em;line-height:1.2em;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Inconsolata,Droid Sans Mono,DejaVu Sans Mono,Consolas,Monaco,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:pre-wrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-radius:3px;display:inline;white-space:pre-wrap;overflow:auto;border-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em 0.7em;display:block!important;display:block;padding:0.5em;background:none repeat scroll 0% 0% rgb(35,36,31);color:rgb(248,248,242)"> ldapsearch -LLL -YGSSAPI -b 'cn=users,cn=accounts,dc=example,dc=com' 'uid=$USER_NAME'
</code></pre>
                <div
                  title="MDH:PGRpdiBjbGFzcz0ibW96LWNpdGUtcHJlZml4Ij5PbiAwOC8wNy8yMDE0IDEyOjE4IFBNLCBDaHJpcyBXaGl0dGxlIHdyb3RlOjxicj48L2Rpdj48YmxvY2txdW90ZSBjaXRlPSJtaWQ6Q0FOeUV3alNZ
WUdQd09qYm9kaGdLY2pocU09eEthSllObXVURlZkK3ktT2owcj10ajBBQG1haWwuZ21haWwuY29t
IiB0eXBlPSJjaXRlIj48ZGl2IGRpcj0ibHRyIj5JJ20gY3VycmVudGx5IHdvcmtpbmcgb24gYSB0
cmlhbCB3aXRoIE9LVEEgYW5kIGhhdmUgaW5zdGFsbGVkIHRoZWlyIHNlcnZlciBhZ2VudCB3aXRo
IG5vIGlzc3Vlcy4gJm5ic3A7Tm93IEknbSB0cnlpbmcgdG8gbWFwIEZyZWVJUEEgYXR0cmlidXRl
cyB3aXRoIE9LVEEncyZuYnNwOzxkaXY+PGJyPjwvZGl2PjxkaXY+SSdtIGdldHRpbmcgbm8gZW50
cmllcyBmb3VuZCwgd2hpY2ggbGVhZHMgbWUgdG8gdGhpbmsgSSdtIG1pc3Npbmcgc29tZXRoaW5n
PC9kaXY+CjxkaXY+PGltZyBzcmM9ImltYXA6Ly9seWFtYW5pc2hpQGltYXAuc2VzZGEzLmNvbTo5
OTMvZmV0Y2glM0VVSUQlM0UvRHJhZnRzJTNFODczNDc/aGVhZGVyPXF1b3RlYm9keSZhbXA7cGFy
dD0xLjImYW1wO2ZpbGVuYW1lPWltYWdlLnBuZyIgYWx0PSJJbmxpbmUgaW1hZ2UgMSIgaGVpZ2h0
PSIzMTQiIHdpZHRoPSI0NTQiPjxicj48L2Rpdj48ZGl2PjxpbWcgc3JjPSJpbWFwOi8vbHlhbWFu
aXNoaUBpbWFwLnNlc2RhMy5jb206OTkzL2ZldGNoJTNFVUlEJTNFL0RyYWZ0cyUzRTg3MzQ3P2hl
YWRlcj1xdW90ZWJvZHkmYW1wO3BhcnQ9MS4zJmFtcDtmaWxlbmFtZT1pbWFnZS5wbmciIGFsdD0i
SW5saW5lIGltYWdlIDIiIGhlaWdodD0iMzA3IiB3aWR0aD0iNDU0Ij48YnI+PC9kaXY+PGRpdj48
aW1nIHNyYz0iaW1hcDovL2x5YW1hbmlzaGlAaW1hcC5zZXNkYTMuY29tOjk5My9mZXRjaCUzRVVJ
RCUzRS9EcmFmdHMlM0U4NzM0Nz9oZWFkZXI9cXVvdGVib2R5JmFtcDtwYXJ0PTEuNCZhbXA7Zmls
ZW5hbWU9aW1hZ2UucG5nIiBhbHQ9IklubGluZSBpbWFnZSAzIiBoZWlnaHQ9IjMxMyIgd2lkdGg9
IjQ1NCI+PGJyPgo8L2Rpdj48ZGl2PlRoYW5rcyE8L2Rpdj48L2Rpdj4KCjxicj48ZmllbGRzZXQg
Y2xhc3M9Im1pbWVBdHRhY2htZW50SGVhZGVyIj48L2ZpZWxkc2V0Pjxicj4KCjwvYmxvY2txdW90
ZT5UaGUgb2JqZWN0Q2xhc3MgdmFsdWVzIGxvb2sgaW5jb3JyZWN0LsKgIFRyeSBgcG9zaXhBY2Nv
dW50YCBhbmQgYHBvc2l4R3JvdXBgIGZvciB1c2VycyBhbmQgZ3JvdXBzLsKgIFJvbGVzIGFyZSBg
Z3JvdXBPZk5hbWVzYCwgYnV0IHRoYXQncyBhIGxpdHRsZSBsZXNzIHNwZWNpZmljIGFuZCB3aWxs
IG1hdGNoIG5vbi1yb2xlIGVudHJpZXMgd2l0aG91dCBhIHNlYXJjaCBiYXNlLjxicj48YnI+WW91
IGNhbiBlYXNpbHkgbG9vayB1cCByYXcgZW50cmllcyB0byBjaGVjayB5b3VyIG1hcHBpbmdzIHdp
dGggY29tbWFuZHMgbGlrZSB0aGVzZSAodGhlIC0tYWxsIGFuZCAtLXJhdyBvcHRpb25zIGFyZSBh
dmFpbGFibGUgZm9yIGFsbCAqLXNob3cgY29tbWFuZHMsIGFmYWlrKTo8YnI+PGJyPmBgYDxicj5p
cGEgdXNlci1zaG93IC0tYWxsIC0tcmF3ICRVU0VSX05BTUU8YnI+aXBhIGdyb3VwLXNob3cgLS1h
bGzCoCAtLXJhdyAkR1JPVVA8YnI+aXBhIHJvbGUtc2hvdyAtLWFsbCAtLXJhdyAkUk9MRTxicj5g
YGA8YnI+PGJyPk9yIHB1cmUgbGRhcHV0aWxzOjxicj48YnI+YGBgPGJyPgpsZGFwc2VhcmNoIC1M
TEwgLVlHU1NBUEkgLWIgJ2NuPXVzZXJzLGNuPWFjY291bnRzLGRjPWV4YW1wbGUsZGM9Y29tJyAn

                  dWlkPSRVU0VSX05BTUUnPGJyPmBgYDxicj48YnI+Cg=="
                  style="min-height:0;font-size:0em;padding:0;margin:0">​</div>
              </div>
              <pre cols="72">--  
-----
*question everything*learn something*answer nothing*
------------
Lucas Yamanishi
------------------
Systems Administrator, ADNET Systems, Inc.
NASA Space and Earth Science Data Analysis (606.9)
7515 Mission Drive, Suite A100
Lanham, MD 20706 * <a moz-do-not-send="true" href="tel:301-352-4646" value="+13013524646" target="_blank">301-352-4646</a> * 0xD354B2CB</pre>
            </div>
            <br>
            --<br>
            Manage your subscription for the Freeipa-users mailing list:<br>
            <a moz-do-not-send="true"
              href="https://www.redhat.com/mailman/listinfo/freeipa-users"
              target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
            Go To <a moz-do-not-send="true" href="http://freeipa.org"
              target="_blank">http://freeipa.org</a> for more info on
            the project<br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
    </blockquote>
    <br>
    <br>
    <pre class="moz-signature" cols="72">-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.</pre>
  </body>
</html>