On Fri, Jul 11, 2014 at 08:58:10AM +0200, Michael Ströder wrote: > > HBAC is very similar to this but already done for you. > > http://www.freeipa.org/docs/master/html-desktop/index.html#configuring-host-access > > Does it also disallow LDAP read access to users/groups/sudoers which are not > allowed to login or to be used on a host?
No, it's pure access control evaluated during the PAM access phase. _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
