On Пан, 29 сту 2024, Melissa Ferreira da Silva Boiko via FreeIPA-users wrote:
Seems like it has "ipaUserObjectClasses: sambasamaccount"
which I see
mentioned in very old threads about Samba support only. Here's the
full config:
Thanks. You can remove sambaSamAccount by running
$ ipa config-mod --delattr=ipaUserObjectClasses=sambaSamAccount
Same applies to shadowAccount which we don't use by default either.
```
dn: cn=ipaConfig,cn=etc,dc=example,dc=local
ipamaxusernamelength: 32
ipahomesrootdir: /home
ipadefaultloginshell: /bin/bash
ipadefaultprimarygroup: ipausers
ipadefaultemaildomain:
example.com
ipasearchtimelimit: 2
ipasearchrecordslimit: 100
ipausersearchfields: uid,givenname,sn,telephonenumber,ou,title
ipagroupsearchfields: cn,description
ipamigrationenabled: FALSE
ipacertificatesubjectbase: O=EXAMPLE.LOCAL
ipapwdexpadvnotify: 4
ipaconfigstring: AllowNThash
ipaconfigstring: KDC:Disable Last Success
ipaselinuxusermaporder:
guest_u:s0$xguest_u:s0$user_u:s0$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023
ipaselinuxusermapdefault: unconfined_u:s0-s0:c0.c1023
ipakrbauthzdata: MS-PAC
ipakrbauthzdata: nfs:NONE
ipauserauthtype: disabled
ipauserauthtype: password
cn: ipaConfig
ipaGroupObjectClasses: top
ipaGroupObjectClasses: groupofnames
ipaGroupObjectClasses: nestedgroup
ipaGroupObjectClasses: ipausergroup
ipaGroupObjectClasses: ipaobject
ipaMaxHostnameLength: 64
ipaUserObjectClasses: top
ipaUserObjectClasses: person
ipaUserObjectClasses: organizationalperson
ipaUserObjectClasses: inetorgperson
ipaUserObjectClasses: inetuser
ipaUserObjectClasses: posixaccount
ipaUserObjectClasses: krbprincipalaux
ipaUserObjectClasses: krbticketpolicyaux
ipaUserObjectClasses: ipaobject
ipaUserObjectClasses: ipasshuser
ipaUserObjectClasses: sambasamaccount
ipaUserObjectClasses: shadowAccount
objectClass: nsContainer
objectClass: top
objectClass: ipaGuiConfig
objectClass: ipaConfigObject
objectClass: ipaUserAuthTypeClass
objectClass: ipaNameResolutionData
```
Thanks!
--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland