Rob Morin wrote:
> Thanks for you response...
> Ya, I get that know, i should have said by Group, i am half way there to
> do this, i created some permissions in the helpdesk role that allows the
> user fred to only change the password for a user in the group sftp, but
> i cannot get fred to add a new user, but only to the group sftp. :(

I don't believe there is a way to do that. Adding a user is a rather
atomic operation: either you can or you can't


> Rob Morin
> Systems/Network Administrator
> Hardent Inc.
> On 11/28/2017 11:13 AM, Rob Crittenden wrote:
>> Rob Morin via FreeIPA-users wrote:
>>> Hello all...
>>> I was wondering if someone could help me out, is it possible to have a
>>> user administer only one host/server. Meaning they would log on to
>>> freeipa gui and be able to change a password or lock and account for one
>>> host only. In our case our sftp server where someone else wants to
>>> administer it, when i am not around, like add a user and so on.
>>> Is this possible?
>> User accounts can't be created or locked per-host because they are
>> centralized.
>> rob
FreeIPA-users mailing list --
To unsubscribe send an email to

Reply via email to