[Freeipa-users] RHEL6 IPA and Active Directory synchronisation and Solaris RBAC
Rob Crittenden
rcritten at redhat.com
Thu Feb 14 20:18:27 UTC 2013
Dag Wieers wrote:
> On Thu, 14 Feb 2013, Rob Crittenden wrote:
>
>> Sigbjorn Lie wrote:
>>> On 02/13/2013 04:10 PM, Rob Crittenden wrote:
>>>
>>> > > Also since we also require compatibility with Solaris, and roles
>>> > > (RBAC)
>>> > > is currently used on Solaris, does IPA support RBAC on Solaris ?
>>> (We
>>> > > noticed that RBAC mentioned in the IPA web interface only
>>> relates to > > IPA
>>> > > management).
>>> > > No, IPA doesn't support RBAC on Solaris.
>>>
>>> I've come across the same issue. This is just a matter of extending the
>>> schema.
>>>
>>> Would there be any interest for adding the Solaris RBAC schema as a
>>> part
>>> of the standard IPA distributed LDAP schemas?
>>
>> Is the schema enough? Won't people want a way from IPA to manage the
>> data too?
>
> Of course, integration in IPA is better, but having the schema
> integrated is a good first step. Besides, integration in IPA probably
> won't happen without RBAC support in Fedora/RHEL, right ?
>
Right, and it is a bit beyond our scope to create a compatible RBAC
solution.
rob
More information about the Freeipa-users
mailing list