In FreeIPA installations that already have some users and hosts in
them, the setup might be using host based access control (HBAC)
without admins realizing it because by default there is a catchall
allow_all rule there. When you then want to start tweaking the setup,
the allow_all rule needs to be disabled or it would still allow all
accesses. That might break existing users.


about possible solution to that problem.

Jan Pazdziora
Principal Software Engineer, Identity Management Engineering, Red Hat

Freeipa-users mailing list

Reply via email to