[Freeipa-users] Creating arbitrary users?
Coy Hile
coy.hile at coyhile.com
Tue Apr 7 01:16:03 UTC 2015
In MIT land, one can potentially have multiple instances tied (by convention) to a given user (that is, that administratively one knows are the same set of eyeballs). For example, I might have my normal user (hile), and I might have another distinct MIT principal hile/admin used when I’m doing administrative work in the kerb database, or potentially yet another hile/vpn for remote access. Only the first of these is a ‘real’ user that needs to have a uid, gid, home directory, and shell; the others are just Kerberos principals that might have differing password policies applied to them. In FreeIPA, it appears all kerberos principals are tied to a user (or to a host in the case of host/ or another service definition). Is it possible to define a non-posix user? There is no good reason for hile/admin at MY.REALM to have a uidNumber or gidNumber; one should never login directly using that principal.
--
Coy Hile
coy.hile at coyhile.com
More information about the Freeipa-users
mailing list