Hello, is it possible to restrict information about users or usergroups from being passed to a FreeIPA client? Using HBAC we can configure clients to only allow login by specific user groups, but `id` and `getent passwd` will still list these users and give out information about them.
Is it possible to restrict this, either server-side or by sssd configuration? My motivation for this is integrating a client database into the freeipa. These users should only authenticate to a specific service (keycloak) but otherwise be transparent on the managed clients. I am aware that FreeIPA does not support OUs but maybe this use case can be covered somehow. Thanks for the great work with FreeIPA and best regards, Finn -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
