GitHub user kiranchavala added a comment to the discussion: Cloudstack doesn't validate the account type and Role during ldapCreateAccount
@DaanHoogland Is there any relation between accountype and roleid when using the following api https://cloudstack.apache.org/api/apidocs-4.20/apis/linkDomainToLdap.html accounttype : Type of the account to auto import. Specify 0 for user and 2 for domain admin https://cloudstack.apache.org/api/apidocs-4.20/apis/ldapCreateAccount.html accounttype : Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin roleid : Creates the account under the specified role. Currently, when using linkDomainToLdap API if I specify the accounttype as Domainid (2) and later when I use ldapCreateAccount API , I should be able to select only the Domain admin Role as the accountype in linkDomaintoLdap was Domainadmin. Currently I can select any role , there is no validation performed by Cloudstack https://cloudstack.apache.org/api/apidocs-4.20/apis/listRoles.html https://cloudstack.apache.org/api/apidocs-4.20/apis/listRolePermissions.html GitHub link: https://github.com/apache/cloudstack/discussions/12369#discussioncomment-15416466 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
