Hi, Trying to get my head around these....is it possible to create a group administrator say "engineering team administrator" and have that role only able to add specific users (how to specify?) to specific user groups (say) ie I want to be able to delegate responsibility for limited groups and users to others and limit their functioanilty...?
I dont find that section of the manual very easy to understand....I'd like examples or more explanation.... Also if such a say (bad) "engineering team administrator" could add anyone say THE admin to a group that the (bad) admin had password changes in/on then this allows the bad admin to change that admin user password............the user then effectively owns the IPA system...? regards Steven Jones Technical Specialist - Linux RHCE Victoria University, Wellington, NZ 0064 4 463 6272 _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
