红帽全球峰会16.2. 在 IDM 主机组中添加主机
Identity Management (IDM) supports the ability to set up automatic membership rules based on a system's attributes. Red Hat Satellite's realm feature provides administrators with the ability to map the Red Hat Satellite host groups to the IDM parameter "userclass" which allow administrators to configure automembership.
使用嵌套的主机组时,会如在 Red Hat Satellite 用户界面所显示的一样发送到 IDM 服务器,例如:"Parent/Child/Child"。
注意
Satellite Server 或者 Capsule Server 向 IDM 服务器发送更新,但只在开始注册时才应用自动成员规则。
- 在 IDM 服务器中创建主机组:
# ipa hostgroup-add hostgroup_name Description: hostgroup_description ---------------------------- Added hostgroup "hostgroup_name" ---------------------------- Host-group: hostgroup_name Description: hostgroup_description其中:- hostgroup_name 是该主机组名称。
- hostgroup_description 是该主机组描述。
- 创建自动成员规则:
# ipa automember-add --type=hostgroup automember_rule ---------------------------------- Added automember rule "automember_rule" ---------------------------------- Automember Rule: automember_rule其中:automember-add将该组标记为自动成员组。--type=hostgroup确定该目标组为主机组,而不是用户组。- automember_rule 是您要使用自动成员规则进行鉴别的名称。
- 根据 usercalss 属性确定自动成员条件:
# ipa automember-add-condition --key=userclass --type=hostgroup --inclusive-regex=^webserver hostgroup_name ---------------------------------- Added condition(s) to "hostgroup_name" ---------------------------------- Automember Rule: automember_rule Inclusive Regex: userclass=^webserver ---------------------------- Number of conditions added 1 ----------------------------其中:automember-add-condition可让您添加正则表达式条件以鉴别组成员。--key=userclass将主要属性指定为 userclass。--type=hostgroup确定该目标组为主机组,而不是用户组。--inclusive-regex=^webserver 是一个鉴别匹配值的正则表达式模式。- hostgroup_name 是目标主机组名称。
现在在 Satellite Server 的 hostgroup_name 主机组中添加系统时,会将其自动添加到身份管理服务器的 "hostgroup_name" 主机组中。IDM 主机组允许 fhor 基于主机的访问控制(Host-Based Access Controls,HBAC)、sudo 策略及其他 IDM 功能。
Red+Hat+Satellite+6Docs+User+Guide报告 bug
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}