-
Story
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
High
-
1
-
rhel-idm-ipa
-
ssg_idm
-
None
-
False
-
False
-
-
Yes
-
Red Hat Enterprise Linux
-
RHEL JIRAS rhel-idm-ipa
-
None
-
None
-
Unspecified Release Note Type - Unknown
-
None
Goal
- As an administrator, I want to establish trust between two separate RHEL IdM deployments
- As an administrator, I want to be able to resolve users and groups from a trusted RHEL IdM deployment on my IdM systems
- As an administrator, I want to be able to create HBAC and SUDO rules in my RHEL IdM deployment that reference users and groups from a trusted RHEL IdM deployment similar to existing trust to Active Directory
- As an administrator, I want to allow ID overrides for users and groups from trusted RHEL IdM deployments
- As an administrator, I want to be able to set up resource-based constrained delegation (RBCD) using services from trusted RHEL IdM deployments
Acceptance Criteria
- A trust between two RHEL IdM deployments can be established using IPA tools
- ID ranges from a trusted IdM deployment become associated with with trusted domains information in my RHEL IdM domain
- After a trust between two RHEL IdM domains is established, SSSD on IdM client should be able to resolve known users and groups from the trusted RHEL IdM domain
- After a trust between two RHEL IdM deployments is established, trusted users can login to the IdM systems in the trusting domain, subject to HBAC rules
- After a trust between two RHEL IdM deployments is established, trusted users can be subjected to SUDO rules in the trusting domain
- After a trust between two RHEL IdM deployments is established, RBCD can be used by the services in different IdM deployments to operate on behalf of users from both deployments
- is blocked by
-
-
- Closed
-