https://bugzilla.redhat.com/show_bug.cgi?id=741951
Description of problem: Default userobjectclasses are: organizationalperson, inetorgperson, inetuser, krbprincipalaux, krbticketpolicyaux, posixaccount, ipaobject Run command below to modify this list and remove ipaobject- ipa config-mod --userobjectclasses=organizationalperson,inetorgperson,inetuser,krbprincipalaux,krbticketpolicyaux,posixaccount No error. Now add a user - ipa user-add one This throws error - ipa: ERROR: attribute "ipaUniqueID" not allowed So - ipa config-mod should have indicated an error when removing required objectclasses from the list For example, if ipaobject is deleted, Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1.ipa config-mod --userobjectclasses=organizationalperson,inetorgperson,inetuser,krbprincipalaux,krbticketpolicyaux,posixaccount 2.ipa user-add one Actual results: Error thrown when adding user Expected results: Should have thrown error when running config-mod Additional info:
IMO this should be documented in 2.x Extensibility guide as one of the impacts. We can then later come back and see what else can be done.
master: 2916ad4[[BR]] ipa-2-1: c23b381
Metadata Update from @dpal: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 2.1.3 (bug fixing)
Login to comment on this ticket.