-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/06/12 14:09, Rob Crittenden wrote: > Dale Macartney wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Hi all >> >> I may be overlooking something here, but from what I can gather, the >> value in the ipa config of "Default e-mail domain for new users" should >> automatically create the mail attribute for said user upon creation? >> >> Do I need to do an additional step or something to activate the mail >> attribute or is it missing? >> >> Any pointers on what I'm missing to mail-enable a user in ldap? >> >> >> Running RHEL 6.2 x86_64 with ipa-server 2.1.3-9.el6 >> >> Output from ipa server as follows >> >> [root@ds01 ~]# ipa config-show >> Max. username length: 32 >> Home directory base: /home >> Default shell: /bin/bash >> Default users group: ipausers >> Default e-mail domain for new users: example.com >> Search time limit: 2 >> Search size limit: 100 >> User search fields: uid,givenname,sn,telephonenumber,ou,title >> Group search fields: cn,description >> Enable migration mode: FALSE >> Certificate Subject base: O=EXAMPLE.COM >> Password Expiration Notification (days): 4 >> [root@ds01 ~]# >> >> >> >> [root@ds01 ~]# ldapsearch -x -b dc=example,dc=com -P 3 -b >> "uid=testuser,cn=users,cn=accounts,dc=example,dc=com" >> # extended LDIF >> # >> # LDAPv3 >> # base<uid=testuser,cn=users,cn=accounts,dc=example,dc=com> with scope >> subtree >> # filter: (objectclass=*) >> # requesting: ALL >> # >> >> # testuser, users, accounts, example.com >> dn: uid=testuser,cn=users,cn=accounts,dc=example,dc=com >> displayName: testuser 1 >> cn: testuser 1 >> objectClass: top >> objectClass: person >> objectClass: organizationalperson >> objectClass: inetorgperson >> objectClass: inetuser >> objectClass: posixaccount >> objectClass: krbprincipalaux >> objectClass: krbticketpolicyaux >> objectClass: ipaobject >> objectClass: mepOriginEntry >> loginShell: /bin/bash >> sn: 1 >> gecos: testuser 1 >> homeDirectory: /home/testuser >> krbPwdPolicyReference: >> cn=global_policy,cn=EXAMPLE.COM,cn=kerberos,dc=example, >> dc=com >> krbPrincipalName: [email protected] >> givenName: testuser >> uid: testuser >> initials: t1 >> uidNumber: 1668600004 >> gidNumber: 1668600004 >> ipaUniqueID: 0d620620-acfd-11e1-943c-52540025e829 >> mepManagedEntry: cn=testuser,cn=groups,cn=accounts,dc=example,dc=com >> krbPasswordExpiration: 20120831215158Z >> krbLastPwdChange: 20120602215158Z >> krbExtraData:: AAL+ispPdGVzdHVzZXJARVhBTVBMRS5DT00A >> krbExtraData:: AAgBAA== >> krbLastSuccessfulAuth: 20120602215703Z >> krbLoginFailedCount: 0 >> >> # search result >> search: 2 >> result: 0 Success >> >> # numResponses: 2 >> # numEntries: 1 >> [root@ds01 ~]# > > It looks like it isn't creating the mail attribute by default. I opened ticket https://fedorahosted.org/freeipa/ticket/2810 > > rob Thanks for pointing out it wasn't me doing something silly ;-) On thinking deeper onto the issue, perhaps it is beneficial not to have it done by default? e.g if I have a mail server accepting mail for ldap lookups for mail entries, this would mean EVERYONE has a mailbox whereas that might not be beneficial in many situations.. In the AD side of things, a user has to be mail enabled, in order to become valid for mail purposes. In this situation, I can manually add the mail address with "ipa user-mod [email protected]" which does what I was needing. Theres a few reasons for and against having default email access for new users... I'm just bouncing some ideas out loud at the moment. Thoughts? Dale -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPzgZCAAoJEAJsWS61tB+qMasQAJgC3lSdU5HvteVvnNLFF1wz yAlwtE00NaWhF/VOToafxQdwjHfcf5PRYgqVXi92DnVzCBkOUIGUnMvumsXTEDic +WwVgQgU+p4kEDtHfyTXdwP5g8C4fZXpwdDdexLrB3lTWcelhgZCx2dd4vUIuMRj z4JUWSin0BOjtH80N/hwL4pj7m+Bn2lzBQYlm5LBU9d5Y2YhAJwJcgAbixWHzzsg fDhCNNrxttkcLBzUVbeax1cyj16HotR9d3YdPsdwJqzonwTYHK20Hf109clujbUS nesmL8AXdapCrZtrrBw8SeTmN32/G9OhoBvND9hqPLNa10MrMxOs8Mj+8UWMQnL+ nWniUHueIYCECdYOwCkydBHkFOVXDE5HiWbTAv9nYOQ7AzI2xKfE8YtezUypmWLP NeFW/bER3eZZN54tQz6KbO2+5BjS+iBe6H39j8sKQv99FN1qpKLJOo3y5JxChzWU WsXasm41INXSeneB6plVHuCXqO70Mh0fv/TG+bGWysQm3hwporIQs7/pzp8uFnRI zfAewysabykMTDgnJdLzKzr7C1q3lyCX5WWR5OdZambY6nR853cP5bjvTnbDHE0t yfza/F2PNMuT9mehmAroKKKb8GZ6YTxOenpVvgW/c+VB5i8iM+NO/8gBa5XUqzLt vQTqo/XQcB3bqC+KP1b5 =pYR/ -----END PGP SIGNATURE-----
0xB5B41FAA.asc
Description: application/pgp-keys
0xB5B41FAA.asc.sig
Description: PGP signature
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
