[Freeipa-users] What is the recommended way to create an Administrator account through the web ui?
nathan at nathanpeters.com
nathan at nathanpeters.com
Fri Jul 3 15:45:47 UTC 2015
I have been trying to create accounts in FreeIPA that have the same level
of permission as the built-in administrator account. Basically, I want to
do the equivalent of what you can do in Active Directory by adding someone
to the Domain Administrators group.
We need this because it is not an acceptable security model in our
enterprise to share the built-in admin password between many
administrators.
What is the proper way to do this?
I notice that the built-in roles are DNS Administrator, IT Security
Specialist, IT Specialist, Security Architect, User Administrator, and
helpdesk. If I give a user all 6 of these roles will they have the
equivalent level of permissions as the admin user or are there things they
still won't be able to do ?
More information about the Freeipa-users
mailing list