Re: [Freeipa-users] IPA User Group Auto membership

2015-08-15 Thread Yogesh Sharma
Same is working when I use userclass instead of title as because options to set title is available only after creating user where as we can set the userclass while creating user from UI. *Best Regards,* *__* *Yogesh Sharma* *Email: yks0...@gmail.com | Web

Re: [Freeipa-users] HBAC rules not applying to Solaris clients

2015-08-15 Thread Bob
For Solaris we are using the pam_list module to control which LDAP users can have system access. The pam_list module allow netgroups to be listed in a user.allow file. On Sat, Aug 15, 2015 at 1:05 PM, Natxo Asenjo wrote: > > > On Sat, Aug 15, 2015 at 5:24 PM, Rob Crittenden > wrote: > >> sipazz

Re: [Freeipa-users] HBAC rules not applying to Solaris clients

2015-08-15 Thread Natxo Asenjo
On Sat, Aug 15, 2015 at 5:24 PM, Rob Crittenden wrote: > sipazzo wrote: > >> >> and my users are able to authenticate to the directory but the hbac >> rules are not being applied. Any user whether given access or not can >> login to the Solaris systems. The "allow-all" rule has been disabled, my

Re: [Freeipa-users] HBAC rules not applying to Solaris clients

2015-08-15 Thread Rob Crittenden
sipazzo wrote: Hi I am using freeipa 3.0.0-47 in a mixed environment with rhel5-7 clients, Solaris 10 clients and a handful of Solaris 11 clients. I followed this guide in setting up the solaris clients: 3.8. Configuring a Solaris System as a FreeIPA Client

Re: [Freeipa-users] IPA User Group Auto membership

2015-08-15 Thread Yogesh Sharma
Hi Rob, My concern was for new entries only. -Yogesh Sharma (Sent from my HTC) On 15-Aug-2015 7:40 pm, "Rob Crittenden" wrote: > Yogesh Sharma wrote: > >> Team,, >> >> We are having issue in configuring Auto Membership for Usergroup i.e. >> when ever we add/update a user to IPA , it should get

[Freeipa-users] HBAC rules not applying to Solaris clients

2015-08-15 Thread sipazzo
Hi I am using freeipa 3.0.0-47 in a mixed environment with rhel5-7 clients, Solaris 10 clients and a handful of Solaris 11 clients. I followed this guide in setting up the solaris clients: 3.8. Configuring a Solaris System as a FreeIPA Client |   | |   |   |   |   |   | | 3.8. Configuring a Sola

Re: [Freeipa-users] IPA User Group Auto membership

2015-08-15 Thread Rob Crittenden
Yogesh Sharma wrote: Team,, We are having issue in configuring Auto Membership for Usergroup i.e. when ever we add/update a user to IPA , it should get added to a group on the basis of his/her Job Title. Below is the rule: [root@ipa-inf-prd-ng2-02 ~]# ipa automember-find dbausers Grouping Typ

[Freeipa-users] IPA User Group Auto membership

2015-08-15 Thread Yogesh Sharma
Team,, We are having issue in configuring Auto Membership for Usergroup i.e. when ever we add/update a user to IPA , it should get added to a group on the basis of his/her Job Title. Below is the rule: [root@ipa-inf-prd-ng2-02 ~]# ipa automember-find dbausers Grouping Type: group --