-----BEGIN PGP SIGNED MESSAGE-----
On 07/23/2010 05:43 AM, Sumit Bose wrote:
> The most flexible way of access control is to use sssd together with a
> FreeIPA v2 server (the Alpha4 release was published recently). There are
> also plan to add sudo support into FreeIPA (see
> http://www.freeipa.org/page/SUDO_integration_plans for details).
> You can use the 'simple' access control provider (see man sssd-simple)
> or use sssd for users and groups and let nslcd fetch netgroups until
> sssd supports it natively.
We also have an LDAP access provider that allows you to set up access
control based on an LDAP search query. E.g.:
access_provider = ldap
ldap_access_filter = groupMembership=allowedgroup
This would grant access on this host to any user in the allowedgroup (if
I'm understanding correctly that eDirectory includes this in the user entry)
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
Freeipa-users mailing list