Over the past month, I rearranged my local systems for our collaboration environment. The
essence of the work is to combine employee identities (defined in AD) with identities for
external users (defined in FreeIPA), massage them so that they look the same, and export
them to every posix desktop and web application I support.
Defining cross-domain posix groups is included, and was successfully performed, but sssd
doesn't have a vocabulary to describe a merged domain (one identity provider, multiple
auth providers). Still trying to figure out if I can force this to work somehow.
The activity may shine a light on some of the things "views" might be required
to do.
http://www.freeipa.org/page/V4/Use_Case_for_Views:_Collaboration
Enjoy,
Bryce
This electronic message contains information generated by the USDA solely for the intended
recipients. Any unauthorized interception of this message or the use or disclosure of the
information it contains may violate the law and subject the violator to civil or criminal
penalties. If you believe you have received this message in error, please notify the
sender and delete the email immediately.