We've built an open source integration "provisioning target" that
works with the JSON web service to provision users and roles inside of
FreeIPA/RH IdM.  We also have a prototype of SSO into the IPAWeb
console using constrained delegation (both thanks to the help received
on this list).  We put together a demo of the capability by deploying
FreeIPA to manage RHEL servers running on Azure.  We also integrated
Cockpit and Graylog into the POC as well.

I'd really appreciate feedback on the integration.  Especially on the
use cases and other features you think would add value to the
integration (and of course any place you think we went terribly

Here's a link to the demo:
The white-paper that details how we deployed everything:!

and of course the source code:

OpenUnison -
FreeIPA Provisioning Target -
S4U2Self LastMile -

Again, any feedback on the integration would be greatly appreciated!


Marc Boorshtein
CTO Tremolo Security
Twitter - @mlbiam / @tremolosecurity

Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to