On Thu, Jul 11, 2013 at 5:19 PM, Dmitri Pal <d...@redhat.com> wrote: > > I am not good with ldap syntax but SQL natural for me so conceptually the > search would look like this: > > I don't think it's humanly possible to be good at ldap syntax.
> I hope it conveys what I have in mind. The result of such search would be > a list of group members that have access to the host. > This is pretty close to what you have done except it covers nested groups > too and uses HBAC rules. > > I haven't had any luck with nested groups at all anyway, so I avoid using them. I may give this idea some more thought. Thanks. > Private. I made a typo. It should have been V :-) > > Ah, ok. :) -- The government is going to read our mail anyway, might as well make it tough for them. GPG Public key ID: B6A1A7C6
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
