All, Occasionally some of our app teams work with external auditors that wish to verify proper login access to servers.
In our older commercial AD integration tool, they'd just run an "access report" which would provide all desired information. I got hit up today to run an access report for sssd-enabled prod servers. I saw with great interest the "sssctl access-report" command. # sssctl access-report amer.company.com Access report not implemented for domains of type ad Any plans to implement this access-report subcommand for domains of type AD? No urgency; you can get most of what's needed via realm list and sssctl user-checks <user> Spike
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure