[Freeipa-users] HBAC with Active directory group is not working
Ben .T.George
bentech4you at gmail.com
Fri Apr 29 15:33:05 UTC 2016
Hi Alex,
yea my mistake.
i was following u this
http://www.freeipa.org/page/Active_Directory_trust_setup#Allow_access_for_users_from_AD_domain_to_protected_resources
On Fri, Apr 29, 2016 at 6:03 PM, Alexander Bokovoy <abokovoy at redhat.com>
wrote:
> On Fri, 29 Apr 2016, Ben .T.George wrote:
>
>> Hi List,
>>
>> I have working setup of one AD, one IPA server and one client server. by
>> default i can login to client server by using AD username.
>>
>> i want to apply HBAC rules against this client server. For that i have
>> done
>> below steps.
>>
>> 1. created External group in IPA erver
>> 2. created local POSIX group n IPA server
>> 3. Added AD group to external group
>> 4. added POSIX group to external group.
>>
> You should have added external group to POSIX group, not the other way
> around.
>
> --
> / Alexander Bokovoy
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160429/fffdb012/attachment.htm>
More information about the Freeipa-users
mailing list