So I'm testing a new freeipa 4.x setup that has a one-way trust to Active Directory. I have been able to define user groups to access the AD groups and configure the groups to work with HBAC rules. So my AD users are able to ssh into the client machines if HBAC allows them to.
The issue I'm having is that I would like to allow the AD users to login to the webgui. I currently have the users in the defined in the ID views (Default Trust View). I'm only setting the Home Directory at present, should I add to the ID view? Thanks -- -- Do not meddle in the affairs of dragons cause you are crunchy and good with ketchup.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project