On Sat, Aug 15, 2015 at 5:24 PM, Rob Crittenden <rcrit...@redhat.com> wrote:
> sipazzo wrote:
>> and my users are able to authenticate to the directory but the hbac
>> rules are not being applied. Any user whether given access or not can
>> login to the Solaris systems. The "allow-all" rule has been disabled, my
>> nsswitch.conf file looks good and I have tried different configs of
>> pam.d, including the provided example to try to resolve the issue. Am I
>> missing some steps?
> HBAC enforcement is provided by sssd so doesn't work in Solaris.
one might try using solaris' RBAC system:
You would have to distribute your changes to all solaris systems.
There is a RBAC ldap schema
solaris, but I have never tried using it with freeipa.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project