On 02/14/2013 08:20 AM, Rajnesh Kumar Siwal wrote:
IPA is going to be very critical Server for any environment.
Do we have proper logging of who as locked whom, Who has created a
sudo policy, who has allowed access to whom etc ?
Hello Rajnesh,
the audit component of IPA collecting and
Hi,
Another interesting recommendation from security is that all granted
access (that is exceptional, rather than permanent) should be limited in
time from the onset.
If this is not possible all granted access needs to be documented and
revised regularly. However a system that would
On Thu, Feb 14, 2013 at 10:02 AM, Dag Wieers d...@wieers.com wrote:
Hi,
Another interesting recommendation from security is that all granted access
(that is exceptional, rather than permanent) should be limited in time from
the onset.
If this is not possible all granted access needs to be
On 14.2.2013 09:49, Martin Kosek wrote:
On 02/14/2013 08:20 AM, Rajnesh Kumar Siwal wrote:
IPA is going to be very critical Server for any environment.
Do we have proper logging of who as locked whom, Who has created a
sudo policy, who has allowed access to whom etc ?
Hello Rajnesh,
the
On Thu, 14 Feb 2013, Dag Wieers wrote:
Hi,
Another interesting recommendation from security is that all granted
access (that is exceptional, rather than permanent) should be limited
in time from the onset.
If this is not possible all granted access needs to be documented and
revised
On Thu, 2013-02-14 at 12:50 +0530, Rajnesh Kumar Siwal wrote:
IPA is going to be very critical Server for any environment.
Do we have proper logging of who as locked whom, Who has created a
sudo policy, who has allowed access to whom etc ?
You can see this information by querying LDAP
On Thu, 2013-02-14 at 10:02 +0100, Dag Wieers wrote:
Hi,
Another interesting recommendation from security is that all granted
access (that is exceptional, rather than permanent) should be limited in
time from the onset.
If this is not possible all granted access needs to be documented
Thanks, Simo.
It solves my concern,
On Thu, Feb 14, 2013 at 7:21 PM, Simo Sorce s...@redhat.com wrote:
On Thu, 2013-02-14 at 12:50 +0530, Rajnesh Kumar Siwal wrote:
IPA is going to be very critical Server for any environment.
Do we have proper logging of who as locked whom, Who has created a
On 02/14/2013 06:54 AM, Simo Sorce wrote:
On Thu, 2013-02-14 at 10:02 +0100, Dag Wieers wrote:
Hi,
Another interesting recommendation from security is that all granted
access (that is exceptional, rather than permanent) should be limited in
time from the onset.
If this is not possible all
On Thu, 14 Feb 2013, Alexander Bokovoy wrote:
On Thu, 14 Feb 2013, Dag Wieers wrote:
So I was wondering whether this is something that was already discussed as
a feature for IPA ?
Yes, something along these lines was discussed in past.
We have three tickets so far in deferred state:
https:
On Thu, 2013-02-14 at 08:30 -0700, Rich Megginson wrote:
On 02/14/2013 06:54 AM, Simo Sorce wrote:
On Thu, 2013-02-14 at 10:02 +0100, Dag Wieers wrote:
Hi,
Another interesting recommendation from security is that all granted
access (that is exceptional, rather than permanent) should be
On Feb 12, 2013, at 6:57 PM, Rob Crittenden rcrit...@redhat.com wrote:
Rob Crittenden wrote:
Chuck Lever wrote:
On Feb 12, 2013, at 4:24 PM, Rob Crittenden rcrit...@redhat.com wrote:
Chuck Lever wrote:
Hi-
I'm new to FreeIPA. I'm installing on an up-to-date Fedora 18
system from
On 02/13/2013 04:10 PM, Rob Crittenden wrote:
Also since we also require compatibility with Solaris, and roles (RBAC)
is currently used on Solaris, does IPA support RBAC on Solaris ? (We
noticed that RBAC mentioned in the IPA web interface only relates to IPA
management).
No, IPA doesn't
Sigbjorn Lie wrote:
On 02/13/2013 04:10 PM, Rob Crittenden wrote:
Also since we also require compatibility with Solaris, and roles (RBAC)
is currently used on Solaris, does IPA support RBAC on Solaris ? (We
noticed that RBAC mentioned in the IPA web interface only relates to IPA
management).
On Thu, 2013-02-14 at 18:56 +0100, Sigbjorn Lie wrote:
On 02/13/2013 04:10 PM, Rob Crittenden wrote:
Also since we also require compatibility with Solaris, and roles (RBAC)
is currently used on Solaris, does IPA support RBAC on Solaris ? (We
noticed that RBAC mentioned in the IPA web
On Thu, 14 Feb 2013, Rob Crittenden wrote:
Sigbjorn Lie wrote:
On 02/13/2013 04:10 PM, Rob Crittenden wrote:
Also since we also require compatibility with Solaris, and roles
(RBAC)
is currently used on Solaris, does IPA support RBAC on Solaris ? (We
noticed that RBAC mentioned
Dag Wieers wrote:
On Thu, 14 Feb 2013, Rob Crittenden wrote:
Sigbjorn Lie wrote:
On 02/13/2013 04:10 PM, Rob Crittenden wrote:
Also since we also require compatibility with Solaris, and roles
(RBAC)
is currently used on Solaris, does IPA support RBAC on Solaris ?
(We
noticed
17 matches
Mail list logo