Any one venture into the Restricted CLI options in 9.5 yet? We are in need of logging cli activity on the clusters and I thought this would be perfect.
I am starting to toy with it, but having some issues. From the documentation it only shows local accounts modification when setting the restricted shell. We do not utilize local accounts but AD authenticated accounts to access the CLI. When setting up the restricted shell via the following command, it fails.
isi auth users modify \ --shell=/user/local/restricted_shell/bin.......
Failed to modify user : The authentication request could not be handled.
I can find where you can change this entire authentication provided shell for all users, but I don't really want to do that, I would rather just change the shell of each of my admins.