[Freeipa-users] RHEL6 IPA and Active Directory synchronisation and Solaris RBAC
Simo Sorce
simo at redhat.com
Thu Feb 14 20:17:23 UTC 2013
On Thu, 2013-02-14 at 21:06 +0100, Dag Wieers wrote:
> On Thu, 14 Feb 2013, Rob Crittenden wrote:
>
> > Sigbjorn Lie wrote:
> >> On 02/13/2013 04:10 PM, Rob Crittenden wrote:
> >>
> >> > > Also since we also require compatibility with Solaris, and roles
> >> > > (RBAC)
> >> > > is currently used on Solaris, does IPA support RBAC on Solaris ? (We
> >> > > noticed that RBAC mentioned in the IPA web interface only relates to
> >> > > IPA
> >> > > management).
> >> >
> >> > No, IPA doesn't support RBAC on Solaris.
> >>
> >> I've come across the same issue. This is just a matter of extending the
> >> schema.
> >>
> >> Would there be any interest for adding the Solaris RBAC schema as a part
> >> of the standard IPA distributed LDAP schemas?
> >
> > Is the schema enough? Won't people want a way from IPA to manage the data
> > too?
>
> Of course, integration in IPA is better, but having the schema integrated
> is a good first step. Besides, integration in IPA probably won't happen
> without RBAC support in Fedora/RHEL, right ?
We can consider code contributions for this kind of features.
Of course not being able to test them in our default distro would make
them fragile and more subject to regressions, but I think that can also
be easily fixed by an appropriate test suite.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list