On 03/17/2013 12:46 PM, KodaK wrote: > On Fri, Mar 15, 2013 at 8:54 PM, Dmitri Pal <d...@redhat.com> wrote: >> This is what HBAC test is about > The HBAC test will allow me to see if a single user can access a given > server. It doesn't give me a list of all the users that are allowed > to access a given host. I can dump a list of users and run that list > through an HBAC test, but it takes forever and it just seems like > there should be a better way. > > Thanks for replying -- I may end up filing that ticket. > > --Jason Frankly I do not know a better way. If we had to implement something like that as a part of CLI we would have to pretty much run through the user list and see who can and who can not access the host. The resolution is very complex as it depends on multiplicity of the HBAC rules and complexity of the group structure.
-- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users