[Freeipa-users] Read-only access to enforce OTP
Prashant Bapat
prashant at apigee.com
Thu Jun 16 09:00:48 UTC 2016
Hi,
I'm writing a small script which will scan all the users and check if each
one has setup an OTP. It will send out an email to the user if OTP is
missing.
I added a new entry
* uid=otp-check-ro,cn=sysaccounts,cn=etc,dc=example,dc=com*. Problem is I'm
able to read all the users attributes but not able to read anything under
*cn=otp,dc=example,dc=com* tree.
What are the permissions or ACI I need to add to give read-only access to
this user?
Thanks.
--Prashant
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160616/4447aea5/attachment.htm>
More information about the Freeipa-users
mailing list