On 02.07.21 09:50, Ronald Wimmer via FreeIPA-users wrote:
Some external users have an AD user account that is allowed (HBAC) to
access IPA clients. These users are locked in AD when they are not
needed and only unlocked on demand.
Which tunables do we have on the IPA side to get the unlocked state
reflected immediately in IPA?
The terminology I used was incorrect. In our scenario users are disabled
by default and enabled on demand. And it seems that enabled users do not
work in IPA. At least not immediately.
Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
