Bug 978086

Summary: RFE: manage system accounts (bind accounts) in the FreeIPA CLI and web UI
Product: [Fedora] Fedora Reporter: David Jaša <djasa>
Component: freeipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: abokovoy, itewksbu, mkosek, pasik, rcritten, ssorce, tapazogl
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-08-16 12:31:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David Jaša 2013-06-26 00:22:06 UTC 
Description of problem:
Look at these howtos:
http://www.freeipa.org/page/Zimbra_Collaboration_Server_7.2_Authentication_and_GAL_lookups_against_FreeIPA#Prerequisite:
http://www.freeipa.org/page/EJabberd_Integration_with_FreeIPA_using_LDAP_Group_memberships#Create_Bind_account_in_FreeIPA
They both describe system account creation in the manual way, which means that the step is needlesly error-prone, and any subsequent operation (user modification, password change, ..., user deletion) needs to be done using low-level ldap tools as well.

FreeIPA should have these options integrated in the CLI and web UI to prevent errors and behave consistently.

The integration of management of these accounts would make more RFEs self-evident, such as:
  * configuration of other means of authentication for these bind accounts such as using client certificates
  * make it possible to delegate these users management to some user/group

Version-Release number of selected component (if applicable):
3.2.0

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Martin Kosek 2013-06-26 08:29:18 UTC 
Right, this is a reasonable RFE. I will link it with a current upstream ticket that was filed in the past for this.
Comment 2 Martin Kosek 2013-06-26 08:29:57 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2801
Comment 3 Ian Tewksbury 2016-12-14 20:24:09 UTC 
+1 for this.
Comment 4 Theodoros Apazoglou 2021-08-16 12:31:29 UTC 
Thank you taking your time and submitting this request for Red Hat Enterprise Linux. The request was cloned to the upstream tracker a long time ago (see link to the upstream ticket above), but it was unfortunately not given priority either in the upstream project, or in Red Hat Enterprise Linux.

Given that this request is not planned for a close release, it is highly unlikely it will be fixed in this major version of Red Hat Enterprise Linux. We are therefore closing the request as WONTFIX.

To request that Red Hat reconsiders the decision, please reopen the Bugzilla with the help of Red Hat Support and provide additional business and/or technical details about its importance to you. Please note that you can still track this request or even offer help in the referred upstream Pagure ticket to expedite the solution.