[Freeipa-users] HBAC rules not working
Steven Jones
Steven.Jones at vuw.ac.nz
Thu Nov 24 01:02:13 UTC 2011
I have deleted the hosts and re-added.....made a new hosts group.
However when I try to make a new HBAC rule for the new hosts group, the hosts group is not in the list of available host groups to allow me to pick it.
:/
It is under the host group tabs....but its invisible elsewhere.....currently I am rebooting the IPA server to see if that fixes the log jam.
:/
Kind of worried that I seem to be having rather simple terminal problems when its 2 weeks from release....
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Steven Jones [Steven.Jones at vuw.ac.nz]
Sent: Thursday, 24 November 2011 1:06 p.m.
To: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] HBAC rules not working
I have traced this to the host groups in the HBAC rule...
All my HBAC rules do not work unless I specify any "to" host, I cannot specify a host group at all.
If I enable the allow_all rule but add to host group to it then that no longer works.....
So Im stuck
:/
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: freeipa-users-bounces at redhat.com [freeipa-users-bounces at redhat.com] on behalf of Steven Jones [Steven.Jones at vuw.ac.nz]
Sent: Thursday, 24 November 2011 12:23 p.m.
To: Alexander Bokovoy; freeipa-devel at redhat.com; freeipa-users at redhat.com
Subject: [Freeipa-users] HBAC rules not working
Hi,
I have disabled the allow_all rule
I have created a group and added a user, I have enrolled a client and added it to a host group....I have done a HBAC rule between the two groups to allow all services, that user group to that host group from anywhere, but I cannot login....
If I enable the allow_all HBAC I can....
So how do I fault find why I cant login?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________
Freeipa-users mailing list
Freeipa-users at redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list