Hi all Many thanks for the replies here -
As it turned out I just needed to run kinit admin and enter the password, as Net Vent suggested, and that resolved the issue. For that matter, I found I could also simply run su - admin and then run the ipa host-del command and also achieve the same result. On 25 September 2014 18:41, Martin Kosek <[email protected]> wrote: > On 09/25/2014 04:11 AM, Alex Harvey wrote: > > Hi all > > > > I'm new to IPA and struggling a bit to automate some tasks. > > > > I am unable to delete hosts from the command line although have no > problem > > doing this using the GUI, e.g. > > > > [root@myipaserver ~]# ipa host-del myhost.example.com > > > > ipa: ERROR: Insufficient access: not allowed to perform this command > > > > I guess I need to somehow pass the admin user's username and password? > > However the man page doesn't seem to provide any option for doing this. > > > > Thanks > > Alex > > Hello Alex, > > I assume you created a non-admin user with some permissions allow deleting > a host. > > This error message is thrown when a virtual operation check fails. This is > raised for example when a user is trying to do unathorized operation with > certificates, like if user having host deletion permission does not also > have > permission to revoke certificates for deleted users. > > Does the privileged user has "Revoke Certificate" permission assigned > through > some privilege/role? > > The mismatch of behavior between CLI and UI is strange. They call the same > code, maybe you run it with different users. > > Also, what is your FreeIPA version? > > Martin >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
