Bug 741957
Summary: | [ipa webui] Config - Default user objectclasses allows invalid setting, which prevents adding new users | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Namita Soman <nsoman> | |
Component: | ipa | Assignee: | Martin Kosek <mkosek> | |
Status: | CLOSED NOTABUG | QA Contact: | IDM QE LIST <seceng-idm-qe-list> | |
Severity: | medium | Docs Contact: | ||
Priority: | high | |||
Version: | 7.0 | CC: | dpal, jgalipea, mkosek | |
Target Milestone: | rc | |||
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 760383 (view as bug list) | Environment: | ||
Last Closed: | 2015-01-16 11:50:00 UTC | Type: | --- | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 756082, 760383 |
Description
Namita Soman
2011-09-28 15:28:46 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/1894 There is another bug #741951 that will be used to document related limitations and best practices. Suggest to defer this one till we have time to do something about dynamic extensibility. This attribute is already sufficiently protected, see: {{{ # ipa config-mod --userobjectclasses=person ipa: ERROR: invalid 'ipauserobjectclasses': user default attribute givenname would not be allowed! [root@ipa ipa-winsync]# ipa config-mod --userobjectclasses={ipaobject,person,top,ipasshuser,inetorgperson,organizationalperson,krbticketpolicyaux,krbprincipalaux,inetuser,posixaccount,barbar} ipa: ERROR: objectclass barbar not found }}} Please reopen this Bug if there is some obvious case where validation fails. However, when a valid objectclass that has a new MUST attribute is being added, adding default value/other validation needs to be done through user plugin - this is expected. |