Hello,
I have setup a bastion host with an IPA client in order to control access to the bastion
host by groups. I have users in different groups, but I just got word that people outside
the group / HBAC rule can access and login with their IPA credentials. Everything seems
okay with the configuration.
I have uninstalled and re-installed the client, generating a new SSSD config file, yet the
user still accessing the bastion host. Thoughts?