On 03/17/2013 12:46 PM, KodaK wrote:
> On Fri, Mar 15, 2013 at 8:54 PM, Dmitri Pal <d...@redhat.com> wrote:
>> This is what HBAC test is about
> The HBAC test will allow me to see if a single user can access a given
> server.  It doesn't give me a list of all the users that are allowed
> to access a given host.  I can dump a list of users and run that list
> through an HBAC test, but it takes forever and it just seems like
> there should be a better way.
>
> Thanks for replying -- I may end up filing that ticket.
>
> --Jason
Frankly I do not know a better way. If we had to implement something
like that as a part of CLI we would have to pretty much run through the
user list and see who can and who can not access the host. The
resolution is very complex as it depends on multiplicity of the HBAC
rules and complexity of the group structure.

-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to