Automember DS plugins scopes active accounts (cn=users,cn=accounts,$SUFFIX).
When activating a staging user, it will immediately be member of the configured automember groups.
This could be a non desired effect. Admin could prefere to activate a set of user, then later get them to the appropriate groups (using the automember tasks).
This would require - the support of '--no-automember' flag in the stageuser-activate command - automember can ignore some entries (for example containing specific attribute/objectclass) - flag the activated entry (with attribute/objectclass ? ) - automember task would need to clear those flag (indexed ?) before starting
Replying to [ticket:4675 tbordaz]: ...
This would require ... * flag the activated entry (with attribute/objectclass ? ) * automember task would need to clear those flag (indexed ?) before starting
The flag could be also removed in the in a POST callback of the affected command.
Not a priority in 4.2. Moving to Future Releases. We will see if there is an interest in it.
Metadata Update from @tbordaz: - Issue assigned to someone - Issue set to the milestone: Future Releases
Thank you taking time to submit this request for FreeIPA. Unfortunately this bug was not given priority and the team lacks the capacity to work on it at this time.
Given that we are unable to fulfil this request I am closing the issue as wontfix. To request re-consideration of this decision please reopen this issue and provide additional technical details about its importance to you.
Metadata Update from @rcritten: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.