Hi Rob, Thanks!
I see that I have the ability to delete those internal groups. If I remove one (editor for example) and recreate it with the same name, will it retain the same edit permissions? Thanks On 9 Feb 2018 1:47 pm, "Rob Crittenden" <rcrit...@redhat.com> wrote: > Oliver Northam via FreeIPA-users wrote: > > Hello! > > > > I'd love to use FreeIPA for all of our auth needs (wifi, samba, backups > > etc) but I'm a little lost on the configuration of the default groups. > > > > I have my admin user in the 'admins' group and my test user in the > > 'ipausers' group, but I can't see any permissions or roles or policies > > that define permissions in those groups. Logged in as the admin user, I > > can change all settings but as my test user, I cannot change anything. > > > > I also see 'editors' but can't see exactly what permissions this group > has. > > > > Am I missing something or somewhere where I can change these permissions? > > admins is treated as a special case and doesn't have explicit roles. > > To add permissions for other users/groups add them to a role. A role has > certain privileges and privileges have permissions (atomic rights). > > rob >
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org