On Jan 4, 2012, at 2:39 AM, "Craig T" <[email protected]> wrote:
> Hi, > > Server: RHEL6.2 > Spec: ipa-server-2.1.3-9 > > 1) After reading the IPA documentation, it seems that HBAC is only available > to SSSD clients. This would suggest that I'm not going to be able to > configure it for Solaris hosts? > "Using host-based access control requires SSSD to be installed and configured > on the IPA client > machine." I have written a custom python Pam module that fully supports HBAC in Linux, however, it utilizes http://ace-host.stuart.id.au/russell/files/pam_python/. Which is currently not OpenPAM compatible. I've been seeking help to find someone to port it to OpenPAM since that is what the BSD's, Solaris, and MacOSX use, but I haven't had any luck so far. > > 2) Does this mean that I won't be able to control "who" can log onto our > solaris servers? Perhaps I'll have to configure a custom /etc/hosts.deny > entry? > > cya > > Craig > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
