[Freeipa-users] User Roles and access in GUI
Petr Spacek
pspacek at redhat.com
Mon Apr 15 14:15:59 UTC 2013
On 15.4.2013 15:39, Rob Crittenden wrote:
> There is no easy way to do this. We start with granting all authenticated
> users read access to the tree with the exception of certain attributes (like
> passwords).
>
> You'd have to start by removing that, then one by one granting read access to
> the various containers based on, well, something.
Would it be possible to create a new role to allow current 'read-all access'
and add this role to all users by default?
It could be much simpler to change the behaviour with this role, or not? :-)
--
Petr Spacek
More information about the Freeipa-users
mailing list