Thanks for you response...

Ya, I get that know, i should have said by Group, i am half way there to do this, i created some permissions in the helpdesk role that allows the user fred to only change the password for a user in the group sftp, but i cannot get fred to add a new user, but only to the group sftp. :(

Rob Morin
Systems/Network Administrator
Hardent Inc.

On 11/28/2017 11:13 AM, Rob Crittenden wrote:
Rob Morin via FreeIPA-users wrote:
Hello all...

I was wondering if someone could help me out, is it possible to have a
user administer only one host/server. Meaning they would log on to
freeipa gui and be able to change a password or lock and account for one
host only. In our case our sftp server where someone else wants to
administer it, when i am not around, like add a user and so on.

Is this possible?
User accounts can't be created or locked per-host because they are

FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to