Hello All,
Is there a way to map IPA group to a local Linux system group?
For example I have a Linux group wheel and I want the IPA group ipawheel to be mapped such that when I add a user in the ipawheel group in the local system the user becomes a member of the wheel group in the Linux machine (IPA client) .
On ke, 04 loka 2017, Supratik Goswami via FreeIPA-users wrote:
Hello All,
Is there a way to map IPA group to a local Linux system group?
For example I have a Linux group wheel and I want the IPA group ipawheel to be mapped such that when I add a user in the ipawheel group in the local system the user becomes a member of the wheel group in the Linux machine (IPA client) .
You don't say what Linux distribution you are using.
With glibc 2.24 there is a feature that group membership is considered across all group sources in nsswitch. It is working in Fedora since F24 and in RHEL/CentOS since 7.4:
https://sgallagh.wordpress.com/2016/01/28/remote-group-merging-for-fedora/
You simply add IPA user to a local Linux group in /etc/group and that's all. On next login this user will gain that group membership.
freeipa-users@lists.fedorahosted.org