I'm trying to add a host using Foreman to the FreeIPA realm, but this doesn't work. All things seem to be fine, and some other tests from people are working.
The issue is reported here: http://projects.theforeman.org/issues/18850

My settings are like this:

[root@ipa-01 ~]# ipa role-find
---------------
6 roles matched
---------------
  Role name: helpdesk
  Description: Helpdesk

  Role name: IT Security Specialist
  Description: IT Security Specialist

  Role name: IT Specialist
  Description: IT Specialist

  Role name: Security Architect
  Description: Security Architect

  Role name: Smart Proxy Host Manager
  Description: Smart Proxy management

  Role name: User Administrator
  Description: Responsible for creating Users and Groups
----------------------------
Number of entries returned 6
----------------------------

[root@ipa-01 ~]# ipa role-show "Smart Proxy Host Manager"
  Role name: Smart Proxy Host Manager
  Description: Smart Proxy management
  Member users: foreman-proxy, foreman-realm-proxy
  Privileges: Smart Proxy Host Management

[root@ipa-01 ~]# ipa privilege-show "Smart Proxy Host Management"
  Privilege name: Smart Proxy Host Management
  Description: Smart Proxy Host Management
  Permissions: Retrieve Certificates from the CA, System: Add DNS Entries, System: Read DNS Entries, System: Remove DNS Entries, System: Update DNS Entries, System: Manage Host Certificates, System: Manage Host Enrollment Password, System: Manage Host Keytab, System: Modify Hosts, System: Remove Hosts, System: Manage Service Keytab, System: Modify Services, Add Host Enrollment Password
  Granting privilege to roles: Smart Proxy Host Manager
[root@ipa-01 ~]#

[root@ipa-01 ~]# ipa permission-find "Add Host"
---------------------
3 permissions matched
---------------------
  Permission name: Add Host Enrollment Password
  Granted rights: add
  Effective attributes: userpassword
  Bind rule type: permission
  Subtree: cn=computers,cn=accounts,dc=office,dc=ipa,dc=domain,dc=tld
  Type: host
  Permission flags: V2, SYSTEM

  Permission name: System: Add Hostgroups
  Granted rights: add
  Bind rule type: permission
  Subtree: cn=hostgroups,cn=accounts,dc=office,dc=ipa,dc=domain,dc=tld
  Type: hostgroup
  Permission flags: V2, MANAGED, SYSTEM

  Permission name: System: Add Hosts
  Granted rights: add
  Bind rule type: permission
  Subtree: cn=computers,cn=accounts,dc=office,dc=ipa,dc=domain,dc=tld
  Type: host
  Permission flags: V2, MANAGED, SYSTEM
----------------------------
Number of entries returned 3
----------------------------

Can anyone help me out as I'm unsure where this goes wrong.

Thanks so far!

Regards,
Matt
