So I'm testing a new freeipa 4.x setup that has a one-way trust to Active
Directory. I have been able to define user groups to access the AD groups
and configure the groups to work with HBAC rules. So my AD users are able
to ssh into the client machines if HBAC allows them to.

The issue I'm having is that I would like to allow the AD users to login to
the webgui. I currently have the users in the defined in the ID views
(Default Trust View). I'm only setting the Home Directory at present,
should I add to the ID view?


Do not meddle in the affairs of dragons cause you are crunchy and good with
Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to