In v2 we are adding more fine-grained access control per the many requests we had in v1. v1 only provided the ability to grant permission to write a fixed set of user attributes from group A to group B.

We're looking for feedback on the types of access control that the IPA users require in order to create some use-cases and help us design a workable GUI for managing access control:

Things like:
- I want to control who can add users
- I want to set the list of attributes for self-service
- I want hosts to be able to manage the certificates of its services

We're particularly interested in the details, such as how you want to differentiate user A from user B when determining who can write what.



Freeipa-devel mailing list

Reply via email to