Dmitri Pal wrote:
On 08/19/2015 03:53 PM, Jakub Hrozek wrote:
> On Wed, Aug 19, 2015 at 09:49:22PM +0530, Rajnesh Kumar Siwal wrote:
>> Any suggested workaround .
> You can use nss-pam-ldapd just for the hosts database and sssd for the
> rest, you can use different views or different servers altogether for
> public/private views.
>
> btw this is the first time I've heard a request for hosts support in
> sssd, so I don't think it's something that can be expected, unless
> someone steps in and implements the maps.
People usually use DNS for that and it is the recommended way of doing
things.
BTW if you want LDAP managed host entries you can use FreeIPA and it
comes with DNS to solve this issue.
But DNS is not subject to access control. Yes, I also already thought about
making host entries visible only to specific hosts.
Ciao, Michael.