RFE: User whitelist

[sssd-bot]

Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/392

• Created at 2010-01-27 16:19:46 by sgallagh
• Closed as Fixed
• Assigned to sbose

---

Right now, we have only a user blacklist (filter_users) on the SSSD. It would be nice if we could configure a machine to allow only a limited set of the users from a particular domain to log into a machine.

For example, a corporate laptop may be set up to do ID and AUTH to a corporate server, but maybe we would only want one user (and perhaps a central admin) to have access to the machine.

I know we have the HBAC controls in the FreeIPA backend, but it might be nice to have a generic user_whitelist for non FreeIPA domains.

Comments

---

Comment from dpal at 2010-02-16 15:07:20

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.1

---

Comment from sgallagh at 2010-03-09 14:32:29

Fixed by 16ac0d6

doc: 0 => 1
fixedin: => 1.1.0
resolution: => fixed
status: new => closed
tests: 0 => 1

---

Comment from obriend at 2010-05-18 05:27:27

Added section Configuring Access Control to Deployment Guide

doc: 1 => 0
docupdated: 0 => 1

---

Comment from jgalipea at 2010-05-19 15:35:08

Fields changed

tests: 1 => 0
testsupdated: 0 => 1

---

Comment from dpal at 2012-01-19 02:39:45

Fields changed

rhbz: => 0

---

Comment from sgallagh at 2017-02-24 14:54:30

Metadata Update from @sgallagh:

• Issue assigned to sbose
• Issue set to the milestone: SSSD 1.1