#6208 [RFE] Addition of email attribute to IDM LDAP compat tree
Opened 7 years ago by pvoborni. Modified 6 years ago

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1362272

Description of problem:

There is no email attribute available for users (objectClass=posixAccount) in
the LDAP compat tree for IDM which limits ability to use compat tree as
authentication endpoint for many web services.   We require use of compat tree
to be able to authenticate AD users in trusted AD domain with 2FA support (see
Case #01674258 for background information on PCI-DSS 3.2 and 2FA).  Is it
possible for email attribute to be added to compat tree?  There is some
discussion on
https://www.redhat.com/archives/freeipa-users/2015-June/msg00538.html.  Are
there plans to add this in an upcoming AD release?

per triage, implementation may depend on/greatly benefit from Global Catalog RFE

Metadata Update from @pvoborni:
- Issue assigned to someone
- Issue set to the milestone: Future Releases

7 years ago

Login to comment on this ticket.

Metadata