On (23/01/15 21:24), Rowland Penny wrote:
On 23/01/15 21:10, Koen de Boeve wrote:
>the idea is that sssd reads the GPO and then on that basis either denies or
>allows access through its pam module
>At least, that s how I think it works - or should work - ;)
>
>>Rowland Penny <mailto:repenny241155@gmail.com>
>>23 Jan 2015 22:01
>>On 23/01/15 20:58, Koen de Boeve wrote:
>>
>>Thought so, forget it, Linux knows absolutely nothing about GPO's
>>
>>Rowland
>>
>>Koen de Boeve <mailto:koen@galaxystudios.com>
>>23 Jan 2015 21:58
>>Yes I am Rowland, well it is a separate Policy specifically for linux
>>machines.
>>
>>
>>Regards, Koen
>>
>>Rowland Penny <mailto:repenny241155@gmail.com>
>>23 Jan 2015 21:37
>>
>>
>>Can I ask if you are trying to get a linux machine to use a windows GPO ?
>>
>>Rowland
>>
OK, I'll believe you, now could someone explain how sssd can read a GPO that
is supposed to (as far as I know) alter the registry on a windows machine and
use those settings on a Linux machine that does have anything like a registry
?
Rowland
There is a design document[1] for GPO and pdf attachement in mail[2]
contains "gpo data flow diagram".
All this information can be too technical.
HTH
LS
[1]
https://fedorahosted.org/sssd/wiki/DesignDocs/ActiveDirectoryGPOIntegration
[2]
https://lists.fedorahosted.org/pipermail/sssd-devel/2014-September/020758...