Dear colleagues, we faced with an issue of access differentiation for junior
IPA admins. Our idea was to create several (say, three - group1, group2,
group3) isolated groups with one junior admin per group.
The group isolation means that admin of group1 is not able to add to his group
neither
...@redhat.com]
Sent: Friday, November 08, 2013 7:47 PM
To: Исаев Виталий Анатольевич; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Access differentiation in group policy
Исаев Виталий Анатольевич wrote:
Dear colleagues, we faced with an issue of access differentiation for
junior IPA
Анатольевич; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Access differentiation in group policy
Исаев Виталий Анатольевич wrote:
Rob, I apologize, just one more question. We dealt with the editing of
attributes, but it is still not clear if it is possible to restrict the user
adding
Thanks a lot! We will try to work it out.
-Original Message-
From: Martin Kosek [mailto:mko...@redhat.com]
Sent: Monday, November 11, 2013 12:52 PM
To: Исаев Виталий Анатольевич; Rob Crittenden; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] Access differentiation in group policy
Dear freeipa-users,
We are diving deeper in RHEL IdM and facing with new issues.
Several days ago we started to learn ACI following the advices of Martin Kosek
and Rob Crittenden. The attached Python script with variables stored in
admins file reconstruct the customized configuration of the ACI
Dear Freeipa users and developers,
We need to alter the default behavior of the IdM server in the situation when
user exceeds the limit of incorrect password login attempts.
By default the user is getting locked in this case, but we need to disable him
fully.
How can we manage this situation?
:
On Wed, Dec 4, 2013 at 10:59 AM, Исаев Виталий Анатольевич
is...@fintech.ru wrote:
Dear Freeipa users and developers,
We need to alter the default behavior of the IdM server in the
situation when user exceeds the limit of incorrect password login attempts.
By default the user is getting locked
Анатольевич; Natxo Asenjo; freeipa-users@redhat.com
Subject: Re: [Freeipa-users] How to disable user automatically when he becomes
locked
On 12/04/2013 12:43 PM, Исаев Виталий Анатольевич wrote:
Thank you for your responses!
In terms of IdM lock state and disable state are different: when