On 08.08.2016 10:03, Deepak Dimri wrote:
Hi List,

I want some help here! i have 100 of linux servers and ec2 instances used by various teams/departments. I want to have group wise clubbing of these servers so that i can delegate administration access to manager of that particular group. For example lets say out of those 100 servers, 25 servers belongs to engineering team so i want to register these 25 servers under engineering group/domain and then assign the full administration access to engineering manager to manage these 25 servers and there accesses.

I am getting a sense that we can create DNS subdomains for each team i.e. engineering.<ipa server domain name> and then register those 25 servers under engineering.<ipa server domain name> but then i am not sure how i can assign the access and do rest of the configurations.

I would be thankfully if any of you can provide with configuration steps to help me

Thanks,
Deepak



Hello,

I think you need HBAC https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/configuring-host-access.html

You need add servers to particular hostgroups, and create HBAC rules according the doc ^^^

Martin



-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to