Hey, For security reason (mostly PCI-DSS) I have to print and sign-off access formular for every users, and also to maintain these formulars in time which means that every time I add a host to a hostgroup for example, I should reprint all access formulars for users with access to this hostgroup...
I was wondering if it was possible to develop a feature that would allow one to select a user(s) from GUI and generate a csv/pdf/whatever file with all direct and indirect memberships/access for HBAC, groups and sudo-rule for the selected user(s). Maybe a first step would be to script something around ipa CLI commands (not sure if possible to dig into HBAC and groups from CLI though). What are your thoughts on such need, am I the only one wanting to export my users privileges directly from the software managing these privileges ? Regards, Florian -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
