hi everyone, I am trying (with great difficulty!) to do authn/authz both for an HPC cluster and a number of other Linux machines against our Okta directory service. Okta offers their "Advanced Server Access" product, which is *bonkers* expensive for the ~6 or 7 machines we need to auth with at $10K a year, and Aquera has a plugin for FreeIPA they maintain which will auth FreeIPA against Okta for another $10K a year. this is a small HPC lab and we're just trying to avoid as much credential proliferation as we can.
my hope is that FreeIPA can be configured to auth against Okta's "built in" LDAP service, which is fairly minimal but will validate passwords and return some basic information in response to queries like group membership. then I can join machines to FreeIPA, which will in turn auth against Okta to allow users to log in. is this possible? thanks! _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
