On 04/06/2018 12:10 PM, Angus Clarke via FreeIPA-users wrote:
Hi

Is there way to lock down a FreeIPA replica so that it can only receive updates but not make changes to other FreeIPA systems.

Some of our environments are considered less secure than others, our security team are concerned that a FreeIPA in a less secure environment might become compromised at which point unwarranted changes could be applied that affect our secure production environments.

Thanks a lot
Angus


_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Hi,

unlike 389-ds, FreeIPA currently supports only read-write replicas. An RFE is already tracking this request for read-only replicas, see [1].

HTH,
Flo

[1] https://pagure.io/freeipa/issue/5569
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to