I have traced this to the host groups in the HBAC rule...

All my HBAC rules do not work unless I specify any "to" host, I cannot specify 
a host group at all.

If I enable the allow_all rule but add to host group to it then that no longer 
works.....

So Im  stuck

:/

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

________________________________________
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on 
behalf of Steven Jones [steven.jo...@vuw.ac.nz]
Sent: Thursday, 24 November 2011 12:23 p.m.
To: Alexander Bokovoy; freeipa-de...@redhat.com; freeipa-users@redhat.com
Subject: [Freeipa-users] HBAC rules not working

Hi,

I have disabled the allow_all rule

I have created a group and added a user, I have enrolled a client and added it 
to a host group....I have done a HBAC rule between the two groups to allow all 
services, that user group to that host group from anywhere, but I cannot 
login....

If I enable the allow_all HBAC I can....

So how do I fault find why I cant login?

regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to