In order to manage organization-wide system users and to manage LDAP group membership of local system users, we need to be able to store system users in the LDAP database. However, these users should be distinct from regular IPA accounts. In particular they should not have the person object class so as to not end up in address book type searches.
Also, it would be nice if the migration tools could migrate such users as well.
Example user:
dn: uid=apache,ou=People,dc=example,dc=com
objectClass: top
objectClass: posixAccount
homeDirectory: /var/www
loginShell: /sbin/nologin
gidNumber: 48
uidNumber: 48
cn: apache
uid: apache
Dup of #3430
General backlog was renamed to Beer Exchange
Metadata Update from @orion:
- Issue assigned to someone
- Issue set to the milestone: Ticket Backlog