KDCproxy - SELinux Tip(14 Sep 2017)
A quick tip for anyone who might be experiencing a strange issue when attempting to leverage Red Hat's IdM KDCproxy functionality. In a recently deployment which required segmentation of RHEL7.2 nodes in a DMZ, there was a requirement for allowing authentication access via an internal KDC. This was a perfect use case for leveraging the KDCproxy functionality. Since SSSD was calling the kdc_child process, which attempts to access the KDC over HTTPS, I was finding some strange behavior in which access was being denied by SSSD when testing authentication to the internal KDC.
Are your Containers having an "Identity" Crisis? Access Management Considerations(29 Mar 2017)
With the rapid adoption of containers throughout the industry, the landscape of technology and tools in the enterprise is forever changing. Once the excitement of getting the technology up and running wears off, we are often left with the same questions we find enterprises regularly asking.