Red Hat Bugzilla – Bug 1362272
[RFE] Addition of email attribute to IDM LDAP compat tree
Last modified: 2017-01-13 10:50:12 EST
Description of problem:
There is no email attribute available for users (objectClass=posixAccount) in the LDAP compat tree for IDM which limits ability to use compat tree as authentication endpoint for many web services. We require use of compat tree to be able to authenticate AD users in trusted AD domain with 2FA support (see Case #01674258 for background information on PCI-DSS 3.2 and 2FA). Is it possible for email attribute to be added to compat tree? There is some discussion on https://www.redhat.com/archives/freeipa-users/2015-June/msg00538.html. Are there plans to add this in an upcoming AD release?
this RFE may depend o/greatly benefit form Global Catalog RFE