The reason we want to get a list of "allowed" users is for Auditing. We
have system that goes out and checks allowed users on a system and
cross-validates that against a central DB.
So we just need a way to get a list of users that would be allowed to login
given the *simple_allow_groups *config in sssd.conf file.
----
<
https://twitter.com/secure_UX>
On Fri, May 26, 2017 at 12:00 PM, Striker Leggette <striker(a)terranforge.com>
wrote:
What you may want to do is start limiting the search base for users
and
groups if you want to limit visibility. I proposed an RFE to make this
easier in SSSD, but it is not something that has much focus at this point.
On 05/26/2017 02:47 PM, Ali, Saqib wrote:
We are using SSSD for authentication using LDAP. And I filter the user
access using *simple_allow_groups* as follows:
access_provider = simple
simple_allow_groups = Computer Admins
Is it possible to get a list of ONLY allowed users using *getent*?
There is an option enumeration, but this lists all users.
I am only interested in the allowed users.
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org