Search

10.7. Managing Host Groups

download PDF
Host groups are a way of centralizing control over important management tasks, particularly access control.
All groups in Identity Management are essentially static groups, meaning that the members of the group are manually and explicitly added to the group. Tangentially, IdM allows nested groups, where a group is a member of another group. In that case, all of the group members of the member group automatically belong to the parent group, as well.
Because groups are easy to create, it is possible to be very flexible in what groups to create and how they are organized. Groups can be defined around organizational divisions like departments, physical locations, or IdM or infrastructure usage guidelines for access controls.

10.7.1. Creating Host Groups

10.7.1.1. Creating Host Groups from the Web UI

  1. Open the Identity tab, and select the Host Groups subtab.
  2. Click the Add link at the top of the groups list.
  3. Enter the name and a description for the group.
  4. Click the Add and Edit button to go immediately to the member selection page.

10.7.1.2. Creating Host Groups from the Command Line

New groups are created using the hostgroup-add command. (This adds only the group; members are added separately.)
Two attributes are always required: the group name and the group description. If those attributes are not given as arguments, then the script prompts for them.
$ ipa hostgroup-add groupName --desc="description"

10.7.2. Adding Host Group Members

10.7.2.1. Showing and Changing Group Members

Members can be added to a group through the group configuration. There are tabs for all the member types which can belong to the group, and an administrator picks all of the matching entries and adds them as members.
However, it is also possible for an entity to be added to a group through its own configuration. Each entry has a list of tabs that displays group types that the entry can join. The list of all groups of that type is displayed, and the entity can be added to multiple groups at the same time.
Member Of...

Figure 10.2. Member Of...

10.7.2.2. Adding Host Group Members from the Web UI

  1. Open the Identity tab, and select the Host Groups subtab.
  2. Click the name of the group to which to add members.
  3. Click the Add link at the top of the task area.
  4. Click the checkbox by the names of the hosts to add, and click the right arrows button, >>, to move the hosts to the selection box.
  5. Click the Add button.

10.7.2.3. Adding Host Group Members from the Command Line

Members are added to a host group using the hostgroup-add-member command. This command can add both hosts as group members and other groups as group members.
The syntax of the hostgroup-add-member command requires only the group name and a comma-separated list of hosts to add:
$ ipa hostgroup-add-member groupName [--hosts=list] [--hostgroups=list]
For example, this adds three hosts to the caligroup group:
$ ipa hostgroup-add-member caligroup --hosts=ipaserver.example.com,client1.example.com,client2.example.com
  Group name: caligroup
  Description: for machines in california
  GID: 387115842
  Member hosts: ipaserver.example.com,client1.example.com,client2.example.com
-------------------------
Number of members added 3
-------------------------
Likewise, other groups can be added as members, which creates nested groups:
$ ipa hostgroup-add-member caligroup --groups=mountainview,sandiego
  Group name: caligroup
  Description: for machines in california
  GID: 387115842
  Member groups: mountainview,sandiego
  -------------------------
  Number of members added 2
  -------------------------
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.