sssd gpo supports all that pam supports, so you can have users able to log in locally, but not via ssh, or the other way round.

Why not change the login shell:

The user might be a web admin, so needs access to a range of Linux boxes running webservers, but not to the mail servers, for example.
If you have to maintain a lot of machines, it is just easier and less error-prone to also be able to manage the access from a central point.

This way, it is just a matter of moving the web servers into the right OU and all web admins automatically have access to the web servers, etc.

If you only have a few machines, you might as well change it on the machine itself.
In my specific situation: I create a lot of virtual machines from 1 or 2 templates.
When I get sssd-ad and GPO working, I don't need any modification whatsoever. I just assign the machine to a specific department and all the right people have access to only their set of machines.

Regards, Koen
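As an added illustration of the per-service control Koen describes (this fragment is not from any post in this thread or from the sssd project docs): an sssd.conf domain section with GPO access control enabled. The domain name example.com and the service name myportal are placeholders; the ad_gpo_* option names are the ones documented in sssd-ad(5).

```ini
# /etc/sssd/sssd.conf (constructed example; example.com is a placeholder domain)
[sssd]
services = nss, pam
domains = example.com

[domain/example.com]
id_provider = ad
access_provider = ad

# Enable GPO-based access control. "enforcing" denies logins that the
# logon rights in the applicable GPOs do not allow; "permissive" only logs
# what would have been denied, which is the safer setting while a new
# policy is being rolled out to the OU.
ad_gpo_access_control = enforcing

# The logon rights are not read from any registry: sssd fetches the GPO
# security settings (GptTmpl.inf) from SYSVOL and maps PAM service names
# onto the Windows logon-right classes, e.g.
#   "Allow/Deny log on locally"                  -> interactive
#   "Allow/Deny log on through Remote Desktop"   -> remote interactive
#   "Allow/Deny log on as a batch job"           -> batch
# By default login, su, gdm-* etc. are interactive and sshd is remote
# interactive, so a group granted only the remote-interactive right can
# ssh in but cannot log in at the console, and vice versa.

# "+name" appends a PAM service to a class, "-name" removes it.
# Here a hypothetical PAM service "myportal" is treated like ssh.
ad_gpo_map_remote_interactive = +myportal

# Services that should never be subject to logon-right checks
# (sudo, sudo-i, polkit-1 and systemd-user are permitted by default).
ad_gpo_map_permit = +myportal-helper
```

The GPO itself is linked to the OU holding the web servers and edited under Computer Configuration, Windows Settings, Security Settings, Local Policies, User Rights Assignment, so moving a machine between OUs changes who may log in without touching the machine.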
Rowland Penny
23 Jan 2015 22:54


OK, what about a user walking up to a Unix machine and logging in? What about ssh? Wouldn't it be easier to just change the user's login shell to /bin/false?

Rowland
_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
Lukas Slebodnik
23 Jan 2015 22:31

There is a design document[1] for GPO, and the pdf attachment in mail[2]
contains a "gpo data flow diagram".

All this information can be too technical.

HTH

LS

[1] https://fedorahosted.org/sssd/wiki/DesignDocs/ActiveDirectoryGPOIntegration
[2] https://lists.fedorahosted.org/pipermail/sssd-devel/2014-September/020758.html
Rowland Penny
23 Jan 2015 22:24
On 23/01/15 21:10, Koen de Boeve wrote:

OK, I'll believe you. Now could someone explain how sssd can read a GPO that is supposed to (as far as I know) alter the registry on a Windows machine, and use those settings on a Linux machine that doesn't have anything like a registry?

Rowland
Rowland Penny
23 Jan 2015 22:01
On 23/01/15 20:58, Koen de Boeve wrote:

Thought so. Forget it, Linux knows absolutely nothing about GPOs.

Rowland

Koen de Boeve
23 Jan 2015 21:58
Yes I am, Rowland. Well, it is a separate policy specifically for Linux machines.


Regards, Koen