I've set up a test Cobbler server to explore its permissions system. I need to be able to allow different groups to have access to cobbler through the WebUI, but only give them rights to change/create objects they own.
It looks like I can do this with a combination of the authn_ldap + authz_ownership modules: https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization Using the docs, I was able to setup the Cobbler LDAP authentication on my server, but it doesn't look like I can use LDAP groups within /etc/cobbler/users.conf. Instead, I have to specify the actual username like this: [admin] admin = "" cobbler = "" myuser = "" I'd like to be able to add an LDAP group as follows: [admin] admin = "" cobbler = "" mygroup = "" So I don't have to update user groups in two different places (LDAP and Cobbler). Is that supported in some other way? Thanks, Kyle
_______________________________________________ cobbler mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/cobbler
