URL: https://github.com/freeipa/freeipa/pull/840 Author: Tiboris Title: #840: Add Role 'Client Administrator' Action: opened
PR body: """ User with the 'Client Administrator' role assigned to is able to enroll host against a FreeIPA server as a client using the ipa-client-install command. The 'Client Administrator' contains 'Host Enrollment' privilege only. Points to: https://pagure.io/freeipa/issue/6852 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/840/head:pr840 git checkout pr840
From 7335d69600a41dbc0821e2bce8c6f1297ef3e1dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tibor=20Dudl=C3=A1k?= <tdud...@redhat.com> Date: Thu, 1 Jun 2017 14:27:02 +0200 Subject: [PATCH] Add Role 'Client Administrator' User with the 'Client Administrator' role assigned to is able to enroll host against a FreeIPA server as a client using the ipa-client-install command. Points to: https://pagure.io/freeipa/issue/6852 --- install/updates/45-roles.update | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/install/updates/45-roles.update b/install/updates/45-roles.update index fb28464f25..aa0fe7ea81 100644 --- a/install/updates/45-roles.update +++ b/install/updates/45-roles.update @@ -91,3 +91,12 @@ add:member: cn=Security Architect,cn=roles,cn=accounts,$SUFFIX dn: cn=Password Policy Administrator,cn=privileges,cn=pbac,$SUFFIX add:member: cn=Security Architect,cn=roles,cn=accounts,$SUFFIX +dn: cn=Client Administrator,cn=roles,cn=accounts,$SUFFIX +default:objectClass: groupofnames +default:objectClass: nestedgroup +default:objectClass: top +default:cn: Client Administrator +default:description: Client Administrator responsible for client(host) enrollment + +dn: cn=Host Enrollment,cn=privileges,cn=pbac,$SUFFIX +add:member: cn=Client Administrator,cn=roles,cn=accounts,$SUFFIX
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
