[Freeipa-users] Permit non-admin users to add user accounts
Daniel Scott
djscott at mit.edu
Thu May 7 18:59:09 UTC 2009
Hi,
I would like to have the following permission system:
Group: managers (Full admin of users group)
Group: users (Group for general users)
The managers group should have essentially full control of the users
group. I've enable most functionality through a delegation, but there
doesn't appear to be a facility to allow non-admins to add user
accounts. I would like the managers group to be able to add users to
the system, without the managers being in the admins group. Managers
would then be able to add those users to the users group.
Is this possible? I have found no documentation on this. The existing
documentation implies that users adding other users are admins, but I
cannot give managers admin access. Looking through the documentation
that I have found, it seems like I may have to wait until version 2 -
can anyone comment on this?
Thanks,
Dan Scott
More information about the Freeipa-users
mailing list