[Freeipa-users] RHEL6 IPA and Active Directory synchronisation and Solaris RBAC
Sigbjorn Lie
sigbjorn at nixtra.com
Sat Feb 16 11:27:48 UTC 2013
On 02/15/2013 03:17 PM, Rodney L. Mercer wrote:
>
>
> On Thu, 2013-02-14 at 21:44 +0100, Sigbjorn Lie wrote:
>> I agree with schema support being enough for now. I do not expect the
>> ipa mgmt tools to support Solaris rbac mgmt.
>>
>> The ipa mgmt tools are great, but I already have other data in the ipa
>> ldap that I have to manage manually anyway.
>>
>>
>>
>> Rgds,
>> Siggi
>>
>>
>>
>> Rob Crittenden <rcritten at redhat.com> wrote:
>> Dag Wieers wrote:
>> On Thu, 14 Feb 2013, Rob Crittenden wrote:
>>
>> Sigbjorn Lie wrote:
>> On 02/13/2013 04:10 PM, Rob Crittenden wrote:
>>
>> Also since we also require compatibility with Solaris, and roles
>> (RBAC)
>> is currently used on Solaris, does IPA support RBAC on Solar
>> is ?
>> (We
>> noticed that RBAC mentioned in the IPA web interface only
>> relates to > > IPA
>> management).
>> No, IPA doesn't support RBAC on Solaris.
>>
>> I've come across the same issue. This is just a matter of extending the
>> schema.
>>
>> Would there be any interest for adding the Solaris RBAC schema as a
>> part
>> of the standard IPA distributed LDAP schemas?
>
>
> Consider the following: What else would have to be put in to support
> this?
> Once the schema is established, can SSSD be extended to use this and
> potentially be referenced in nsswitch.conf as it is implemented on
> Solaris? IE:
> tail -5 /etc/nsswitch.conf
> user_attr: sssd
> auth_attr: sssd
> prof_attr: sssd
> exec_attr: sssd
> project: sssd
>
>
Do you use SSSD on Solaris?
More information about the Freeipa-users
mailing list