[Freeipa-users] support for rfc2307AIX schema in IPA server

[Michael Ströder]

Iulian Roman wrote:
> Michael Ströder <michael at stroeder.com> wrote:
>> Being in your position I'd first compile a list of functional and security 
>> requirements and ask then whether these requirements can be implemented with
>> FreeIPA. I'm curious to learn whether "some other security related attributes" are
>> still needed after all.
> 
> It is not a matter if they increase the security or not or if they are really needed,
> but a matter of complying to some security standards agreed between two parties . It
> would be easy to keep them in the same format than to change the security standard ,
> tooling and processes behind (bureaucracy , overhead and complexity of the enterprise
> environment makes me try to avoid that as much as possible , especially when there are
> many people and departments involved , with their own mindset and playing different
> politics).

Sounds like the usual IAM business - nothing special.

Still my recommendation would to go the route to list the requirements and implement them
in with methods native in the IAM system of your choice (here FreeIPA). This might look
harder in the beginning but pays off pretty soon.

Ciao, Michael.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3829 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170224/182db07e/attachment.p7s>