We are using SSSD to connect RHEL systems to Microsoft Active Directory. Access is granted to groups using the `simple_allow_groups` option and those groups are also used to allow sudo access. Some of these groups have members that are the computer accounts for other computers in the domain.
Should that be considered a security risk? For example, could someone with root access on one system recover the computer account information and use that computer account to log in to a different system? -- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
