Hi, We have created a user with HBAC Admin permission which has below permission (Default as provided by IPA):
System: Add HBAC Rule System: Add HBAC Service Groups System: Add HBAC Services System: Delete HBAC Rule System: Delete HBAC Service Groups System: Delete HBAC Services System: Manage HBAC Rule Membership System: Manage HBAC Service Group Membership System: Modify HBAC Rule When I try add below in a new RBAC, it denied the operation as it is already open for all. System: Read HBAC Rules System: Read HBAC Service Groups System: Read HBAC Services If we change it to permission, then login is failing. Please suggest what we need to do so that HBAC admin can search the HBAC rule in FreeIPA rule. *Best Regards,* *__________________________________________* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> <https://twitter.com/checkwithyogesh> <http://google.com/+YogeshSharmaOnGooglePlus>
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project