We are using SSSD to connect RHEL systems to Microsoft Active Directory. Access is granted to groups using the `simple_allow_groups` option and those groups are also used to allow sudo access. Some of these groups have members that are the computer accounts for other computers in the domain.
Should that be considered a security risk? For example, could someone with root access on one system recover the computer account information and use that computer account to log in to a different system? -- _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
