On 07/25/2013 10:31 AM, Zip Ly wrote:
> I need to setup a proxy (S4U2proxy ?) so I can perform actions like
> creating, retrieving users, make them a member of a group etc.
>  
> The problem is I don't know where to start. I've searched the internet
> for xml-rpc, json-rpc, web API but I couln't find anything useful.
>  
> Is there anyone who already made this and can give me an example. Or
> can someone tell me a strategy of what kind of information I should
> gather to create this.
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
Let us start with use cases , actors and workflow.

User using X connects to Y using protocol Z
Y being a kerberised server turns around and needs to perform an
operation against IPA

Can you please fill the gaps above and add more details?

Something like this is being done by the IPA management framework
itself. It uses kerberos ticket issued for IPA to turn around and
acquire ticket for LDAP. I hate to send people looking at the code so
may be a good starting point would be to find some mail from
freeipa-devel archives that covers the s4u2proxy design. Mail like this
would date back to Spring - Summer of 2011 and most likely would be
authored by John Dennis.


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to