On 02/19/2013 10:19 PM, Rob Crittenden wrote:
> Martin Kosek wrote:
>> On 01/24/2013 12:01 PM, Martin Kosek wrote:
>>> When user tries to perform any action requiring communication with
>>> trusted domain, IPA server tries to retrieve a trust secret on his
>>> behalf to be able to establish the connection. This happens for
>>> example during group-add-member command when external user is
>>> being resolved in the AD.
>>> When user is not member of Trust admins group, the retrieval crashes
>>> and reports internal error. Catch this exception and rather report
>>> properly formatted ACIError.
>>> ----
>>> I hit this error after updating to the latest FreeIPA version with the AD 
>>> CVE
>>> fixed.
>>> Martin
>> I filed a ticket to not loose this fix and patch. Attaching an updated patch
>> with ticket URL in description.
>> Martin
> The patch fixes the problem but the error is untranslated:
>     member group: AD\Domain Admins: Insufficient access: 
> Gettext('communication
> with trusted domains is allowed for Trusts administrator group members only',
> domain='ipa', localedir=None)
> rob

I think this is just because this string is not in our ipa.pot file yet (will
be when we do Transifex refresh").


Freeipa-devel mailing list

Reply via email to