[Freeipa-users] nisNet groups in AD
Dmitri Pal
dpal at redhat.com
Mon Nov 21 16:55:54 UTC 2011
On 11/21/2011 11:48 AM, David Juran wrote:
> Hello.
>
> I have a customer who is using nisNetgroups in microsoft Active
> Directory to keep track of which users are allowed to access which
> services. I've understood that IPA today does not sync this information
> from AD, is this correct?
>
> What about the future, once we can have trust towards an AD? Would that
> allow us to use the nisNet groups in AD for HBAC and sudo?
Trusts would not help with netgroups.
I wonder if it is something that can be done via a client configuration.
But also why not move netgroups into IPA? Dumping the data into LDIF,
creating a script to convert it to IPA internal netgroups format and
loading it is not a huge effort.
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111121/d8a27e9c/attachment.htm>
More information about the Freeipa-users
mailing list