[Freeipa-users] FreeIPA ActiveDirectory Integration: Managing AD Users in IPA
Traiano Welcome
traiano at gmail.com
Sat Sep 13 20:03:50 UTC 2014
Hi List
Currently I have a stable trust relationship going between IPA and Windows
AD. I create users and manage passwords in AD, but want to manage the rest
in IPA, "the rest" being default shell, default home directory settings,
RBAC, HBAC, Selinux etc ..
What I'm expecting it to be able to log into the FreeIPA web interface, and
see a synched list of users created in AD appear in the interface, after
which I can modify the settings on a per user basis.
If that level of granularity is not possible, I would then expect to be
able to at least apply an IPA-imposed set of account defaults on and AD
user group:
- default shell
- HBAC rules
- Sudo rules
- SELinux rules
- RBAC
Is this possible with FreeIPA? I can't find anything coherent in the
documentation that describes an effective way of managing the POSIX
attributes of AD users in FreeIPA.
Thanks in advance!
Traiano
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140913/e1577225/attachment.htm>
More information about the Freeipa-users
mailing list