I agree with schema support being enough for now. I do not expect the ipa mgmt 
tools to support Solaris rbac mgmt.

The ipa mgmt tools are great, but I already have other data in the ipa ldap 
that I have to manage manually anyway.



Rgds,
Siggi



Rob Crittenden <rcrit...@redhat.com> wrote:

>Dag Wieers wrote:
>> On Thu, 14 Feb 2013, Rob Crittenden wrote:
>>
>>> Sigbjorn Lie wrote:
>>>>  On 02/13/2013 04:10 PM, Rob Crittenden wrote:
>>>>
>>>> > >  Also since we also require compatibility with Solaris, and
>roles
>>>> > >  (RBAC)
>>>> > >  is currently used on Solaris, does IPA support RBAC on Solaris
>?
>>>> (We
>>>> > >  noticed that RBAC mentioned in the IPA web interface only
>>>> relates to > >  IPA
>>>> > >  management).
>>>> > >  No, IPA doesn't support RBAC on Solaris.
>>>>
>>>>  I've come across the same issue. This is just a matter of
>extending the
>>>>  schema.
>>>>
>>>>  Would there be any interest for adding the Solaris RBAC schema as
>a
>>>> part
>>>>  of the standard IPA distributed LDAP schemas?
>>>
>>> Is the schema enough? Won't people want a way from IPA to manage the
>>> data too?
>>
>> Of course, integration in IPA is better, but having the schema
>> integrated is a good first step. Besides, integration in IPA probably
>> won't happen without RBAC support in Fedora/RHEL, right ?
>>
>
>Right, and it is a bit beyond our scope to create a compatible RBAC 
>solution.
>
>rob

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to