FreeIPAers, We've built an open source integration "provisioning target" that works with the JSON web service to provision users and roles inside of FreeIPA/RH IdM. We also have a prototype of SSO into the IPAWeb console using constrained delegation (both thanks to the help received on this list). We put together a demo of the capability by deploying FreeIPA to manage RHEL servers running on Azure. We also integrated Cockpit and Graylog into the POC as well.
I'd really appreciate feedback on the integration. Especially on the use cases and other features you think would add value to the integration (and of course any place you think we went terribly wrong!). Here's a link to the demo: https://vimeo.com/160002916 The white-paper that details how we deployed everything: https://www.tremolosecurity.com/wiki/#!azure.md and of course the source code: OpenUnison - https://github.com/TremoloSecurity/OpenUnison FreeIPA Provisioning Target - https://github.com/TremoloSecurity/Unison-FreeIPA S4U2Self LastMile - https://github.com/TremoloSecurity/Unison-LastMile-Kerberos Again, any feedback on the integration would be greatly appreciated! Thanks Marc Boorshtein CTO Tremolo Security marc.boorsht...@tremolosecurity.com Twitter - @mlbiam / @tremolosecurity -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project