On 10/17/2014 01:28 PM, Orkhan Gasimov wrote: > Of course! But for now I'm in process of checking my integration and there are > some things I don't like. > First and foremost, any change on the IPA server is not automatically > reflected > on the BSD client. > Only after SSSD is manually restarted on the client, something like it's > cache > is cleared happens and new rules apply. > For now I'm not even checking something complex like sudo rule groups with > host > groups, it's just a simple sudo rule for a single user. > I hope for collaboration with other interested people to find a stable > solution > for FreeIPA - FreeBSD interaction via SSSD, so that as a result of all this > effort a well-detailed tutorial could be written and shared with all *nix > users.
+1. Or, even better approach would be if ipa-client-install script gets ported some nice day to FreeBSD so that sssd&assorted services do not need to be configured automatically and can use autodiscover features of ipa-client-install. But this is even farther future :-) > 17-Oct-14 16:17, Martin Kosek пишет: >> On 10/17/2014 01:01 PM, Orkhan Gasimov wrote: >>> That format is not simple for me, as I'm not a programmer. But after I >>> check, >>> double-check and triple-check my FreeBSD - FreeIPA integration via SSSD and >>> assure that it works without unexpected behaviors, I'll probably write a >>> HOW-TO >>> on this process and post it at FreeBSD forums. >> Thanks! Would you consider also adding the HOWTO to >> http://www.freeipa.org/page/HowTos >> so that other people can follow your steps? >> >>> I'll then share the link to my >>> post here, so that: >>> 1) FreeIPA community could also check the post for any errors; >>> 2) someone more prepared could translate the whole process into the format >>> appropriate for the ipa-advise tool. >>> >>> 17-Oct-14 15:37, Alexander Bokovoy пишет: >>>> FreeIPA is an open source project where anyone can contribute in their >>>> areas of interest. You are welcome to contribute recipes for FreeBSD. >>>> >>>> The code is around >>>> https://git.fedorahosted.org/cgit/freeipa.git/tree/ipaserver/advise/plugins/legacy_clients.py >>>> >>>> >>>> >>>> As you can see, most recipes are structured in easy way and adding new >>>> is as simple as adding new class definition there. > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project