[katello-devel] Superadmin user
Todd B Sanders
tsanders at redhat.com
Thu May 26 11:05:56 UTC 2011
On 05/26/2011 02:16 AM, Ohad Levy wrote:
> On Wed, 2011-05-25 at 21:13 -0400, Bryan Kearney wrote:
>> On 05/25/2011 02:23 PM, Lukas Zapletal wrote:
>>> On 05/25/2011 08:22 PM, Justin Harris wrote:
>>>> FWIW we are doing something similar in Candlepin.
>>> To be honest I just saw the same in the Foreman :-)
>>>
>> And this overrides what is in LDAP?
> foreman supports both internal auth and ldap auth, so in this case, the
> admin is an internal account.
>
> additionally, all accounts are local (e.g in the db) but authentication
> can happen with any external source.
This approach is similar to what's in current satellite, using PAM for
external authentication. But honestly, we get push back from customers
having to manage users in multiple places. I'd prefer an approach where
accounts are either internal or external, not both.
-Todd
> Probably need to add a way to remove accounts once the ldap account is
> removed. (it wont work as it cant auth but thats another story).
>
> Ohad
>
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel
More information about the katello-devel
mailing list