[Freeipa-users] Free IPA and Google Apps
Chris Whittle
cwhittl at gmail.com
Fri Apr 25 12:41:18 UTC 2014
Thank you Simo! Does anyone have any more info/experience on using GADS
and FreeIPA that they would be willing to share?
On Fri, Apr 25, 2014 at 7:39 AM, Simo Sorce <ssorce at redhat.com> wrote:
> On Fri, 2014-04-25 at 07:27 -0500, Chris Whittle wrote:
> > Thanks Martin, I found a few notes on FreeIPA and GADS but most were
> people
> > saying not to do it on principal but nothing saying if it's possible or
> not.
> >
> > I like the SAML option, including the mysterious ipsilon (Is there
> anything
> > more than the git repo yet?), but wonder how much control it has.
>
> At the moment no control at all.
>
> > Does it just allow them to SSO using their LDAP credentials?
>
> Yes.
>
> > If I disable a user in LDAP does it only recognize that only during login
> > or is it smart enough to kill their Google Apps sessions and make them
> > login again?
>
> At the moment no, in future, perhaps we can develop a plugin that will
> call a SSO logout to the remote applications the user logged into, but
> this will require the server to be more stateful. This feature is not
> available in the current code.
>
> Simo.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140425/e855aa4c/attachment.htm>
More information about the Freeipa-users
mailing list