[Freeipa-users] HBAC with Active directory group is not working

Ben .T.George bentech4you at gmail.com
Fri Apr 29 14:38:30 UTC 2016


Hi List,

I have a working setup of one AD, one IPA server and one client server. By
default I can log in to the client server using an AD username.

I want to apply HBAC rules against this client server. For that I have done
the steps below.

1. Created an external group on the IPA server
2. Created a local POSIX group on the IPA server
3. Added the AD group to the external group
4. Added the POSIX group to the external group.

After that I created an HBAC rule by adding both the local and external IPA
groups, added sshd as the service and selected the service group as sudo.

I have applied this HBAC rule to the client server from the web UI, and while
testing HBAC from the web, I am getting access denied.

How can I implement HBAC with an Active Directory user group?

Regards,
Ben