| Summary: | [RFE] Support pam_check_host_attr | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Jenny Severance <jgalipea> |
| Component: | sssd | Assignee: | Stephen Gallagher <sgallagh> |
| Status: | CLOSED DUPLICATE | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.2 | CC: | dpal, grajaiya, jgalipea, prc |
| Target Milestone: | rc | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-01-12 15:05:32 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
*** This bug has been marked as a duplicate of bug 755506 *** |
Description of problem: It looks like the associated patch added a new option ... ldap_user_authorized_host = str, None, false associated option in man page ... ldap_user_authorized_host (string) If access_provider=ldap and ldap_access_order=host, SSSD will use the presence of the host attribute in the user's LDAP entry to determine access privilege. An explicit deny (!host) is resolved first. Second, SSSD searches for explicit allow (host) and finally for allow_all (*). Default: host Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: Upstream ticket :: https://fedorahosted.org/sssd/ticket/746