[Freeipa-users] HBAC implementation help
Jakub Hrozek
jhrozek at redhat.com
Fri Apr 29 07:50:29 UTC 2016
On Fri, Apr 29, 2016 at 12:03:42AM +0300, Ben .T.George wrote:
> Hi List,
>
> i have a working setup of IPA with AD integrated and one client joined.
>
> i want to implement HBAC rules against this client. can anyone please share
> me good articles of implementing HBAC from web UI.
I'm not sure about the web UI, but as a general rule you'll want to add
an external group (created with --external) as a member of a POSIX group
and reference the POSIX group in the HBAC rule. The AD members should be
added as members of the external group.
More information about the Freeipa-users
mailing list