[Freeipa-users] Permission not working as expected
Alexander Bokovoy
abokovoy at redhat.com
Tue Aug 30 10:04:07 UTC 2016
On Tue, 30 Aug 2016, Deepak Dimri wrote:
>Hi Alexander,
>Thanks for the reply
>i tried exact steps below but it still not working. the admin user
>added to new role and privilege we have created is getting an error
>when trying to add or remove host of myhostgroup.
>ip-172-31-29-153.us-west-2.compute.internal: Insufficient access:
>Insufficient 'write' privilege to the 'member' attribute of entry
>'cn=myhostgroup,cn=hostgroups,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com'.
>not sure if DN (memberOf=cn=myhostgroup,cn=ng,cn=alt,dc=ipa,dc=ad,dc=test) would make any difference? I also noticed i dont get Permission flags: V2, SYSTEM in my ipa output. not sure if that would make any difference
>I would really appreciate if this can be resolved...
Read the other emails I sent in this thread.
The whole story is here:
https://vda.li/en/posts/2016/08/30/Creating-permissions-in-FreeIPA/
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list