[Freeipa-users] IPA HBAC access using SSSD for user in trusted AD domain (RHEL 6.8)
Jakub Hrozek
jhrozek at redhat.com
Mon Jul 18 13:38:25 UTC 2016
On Mon, Jul 18, 2016 at 01:36:30PM +0000, Sullivan, Daniel [AAA] wrote:
> > Are also users that are not part of this group misbehaving?
>
> Not that I am aware of. I’ll get you a real answer though. Are there any known workarounds to the @ problem used to transform group names (i.e. a more robust ‘override_space’ option)? I looked a the doc briefly but can’t find anything.
The override_space really just concerns spaces, not @-characters.
>
> I was thinking maybe could use re_expression to tokenize group names by taking the last token parsed by @ for the domain portion, although this seems kind of hacky, also not sure if it would work.
Yes, I guess this should work.
More information about the Freeipa-users
mailing list