Discussion:
[Freeipa-users] ldap connector from IIQ to ipa
Iulian Roman
2017-03-20 16:23:31 UTC
Permalink
Hello,

We do plan to integrate IPA with IdentityIQ (sailpoint) for user
provisioning. Because IPA does abstract all the ldap commands via new set
of commands and APIs, i am not sure if the standard ldap connector is the
right option and if it is supported ( taking into consideration that a
simple user creation does update/create more ldap containers).

Could you please clarify if updating IPA via standard ldap commands is
supported but not necessarily a best practice or it is an absolute NO ?

Thank You !
David Kupka
2017-03-21 06:45:57 UTC
Permalink
Post by Iulian Roman
Hello,
We do plan to integrate IPA with IdentityIQ (sailpoint) for user
provisioning. Because IPA does abstract all the ldap commands via new set
of commands and APIs, i am not sure if the standard ldap connector is the
right option and if it is supported ( taking into consideration that a
simple user creation does update/create more ldap containers).
Could you please clarify if updating IPA via standard ldap commands is
supported but not necessarily a best practice or it is an absolute NO ?
Thank You !
--
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
Hello!

We have staging area for this purpose. You can create and update user entries
there and once the entry is complete you can call stageuser-activate to create
user entry with using values from stageuser entry.

You can find description of the feature and examples on design page [1].

[1] http://www.freeipa.org/page/V4/User_Life-Cycle_Management
--
David Kupka
Loading...