Folks,
After migrated from FreeIPA 3.3.0 to 4.4.0, all user groups to host groups mapping is gone, now 4.4.0 seems introduce this feature call "Netgroups", which is currently empty, I haven't hear any user complain, does it mean if "Netgroups" is empty all user could access to all machines which enrolled on FreeIPA?
nevermind, solved it. It is actually HBAC rules, and I have to show "Indirect Membership" within User Group to show those previously added rules before upgrade to 4.4.0
Thanks all.
On Tue, Jun 27, 2017 at 4:36 PM, Thomas Lau tlau@tetrioncapital.com wrote:
Folks,
After migrated from FreeIPA 3.3.0 to 4.4.0, all user groups to host groups mapping is gone, now 4.4.0 seems introduce this feature call "Netgroups", which is currently empty, I haven't hear any user complain, does it mean if "Netgroups" is empty all user could access to all machines which enrolled on FreeIPA?
freeipa-users@lists.fedorahosted.org