[Freeipa-users] Re: read only replicants
On to, 26 huhti 2018, Winfried de Heiden via FreeIPA-users wrote: Any progress on this issue? https://pagure.io/freeipa/issue/5569 seems open and no progress for ages now Yes, no progress and not planned for time being. A contributions are always welcome, of course. -- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: read only replicants
Any progress on this issue? https://pagure.io/freeipa/issue/5569 seems open and no progress for ages now Winfried Op 06-04-18 om 13:57 schreef Florence Blanc-Renaud via FreeIPA-users: > On 04/06/2018 12:10 PM, Angus Clarke via FreeIPA-users wrote: >> Hi >> >> Is there way to lock down a FreeIPA replica so that it can only >> receive updates but not make changes to other FreeIPA systems. >> >> Some of our environments are considered less secure than others, our >> security team are concerned that a FreeIPA in a less secure >> environment might become compromised at which point unwarranted >> changes could be applied that affect our secure production environments. >> >> Thanks a lot >> Angus >> >> >> ___ >> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org >> To unsubscribe send an email to >> freeipa-users-le...@lists.fedorahosted.org >> > Hi, > > unlike 389-ds, FreeIPA currently supports only read-write replicas. An > RFE is already tracking this request for read-only replicas, see [1]. > > HTH, > Flo > > [1] https://pagure.io/freeipa/issue/5569 > ___ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to > freeipa-users-le...@lists.fedorahosted.org signature.asc Description: OpenPGP digital signature ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
[Freeipa-users] Re: read only replicants
On 04/06/2018 12:10 PM, Angus Clarke via FreeIPA-users wrote: Hi Is there way to lock down a FreeIPA replica so that it can only receive updates but not make changes to other FreeIPA systems. Some of our environments are considered less secure than others, our security team are concerned that a FreeIPA in a less secure environment might become compromised at which point unwarranted changes could be applied that affect our secure production environments. Thanks a lot Angus ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Hi, unlike 389-ds, FreeIPA currently supports only read-write replicas. An RFE is already tracking this request for read-only replicas, see [1]. HTH, Flo [1] https://pagure.io/freeipa/issue/5569 ___ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org