My FreeIPA deployment is a part of PCI cardholder data environment.
Hence, I have to comply with with the requirements such as 8.1.1
(assign unique ID to each user) and 8.5 (do not use generic or shared
I would like to move this user under service accounts (it may still be
used by chef/puppet to run the recipes etc), but I don't see how it is
I tried recreating this user under cn=sysaccounts,cn=etc and removing
the following object classes, but this breaks everything.
How can I pull this off? Did anybody pass PCI DSS audit (for real, I'm
not talking about sloppy QSAs) using FreeIPA as an IdM solution?
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project