Hi, I am working with ACIs and I noticed that you forgot to add mail in the set of attribute that it can be modified :
============================================ ipa aci-find "Modify Users" --------- aci-find: --------- (targetattr = "givenName || sn || cn || displayName || title || initials || loginShell || gecos || homePhone || mobile || pager || facsimileTelephoneNumber || telephoneNumber || street || roomNumber || l || st || postalCode || manager || secretary || description || carLicense || labeledURI || inetUserHTTPURL || seeAlso || employeeType || businessCategory || ou")(target = "ldap:///uid=*,cn=users,cn=accounts,dc=gamma,dc=domain,dc=org";)(version 3.0;acl "Modify Users";allow (write) groupdn = "ldap:///cn=modifyusers,cn=taskgroups,cn=accounts,dc=gamma,dc=domain,dc=org";;) ============================================ when i try to fixe this problem I do not know why my ACI is deleted ! ============================================ ipa -v aci-mod "Modify Users" --attrs=mail --memberof=ipausers ipa: INFO: skipping plugin module ipalib.plugins.cert: env.enable_ra is not True ipa: INFO: Created connection context.xmlclient ipa: INFO: aci_mod(u'Modify Users', attrs=(u'mail',), memberof=u'ipausers') ipa: INFO: Forwarding 'aci_mod' to server u' https://server.gamma.domain.org/ipa/xml' ipa: INFO: Destroyed connection context.xmlclient ipa: ERROR: overlapping arguments and options: ['aciname'] ============================================ ipa -v aci-mod --attrs=mail "Modify Users" ipa: INFO: skipping plugin module ipalib.plugins.cert: env.enable_ra is not True ipa: INFO: Created connection context.xmlclient ipa: INFO: aci_mod(u'Modify Users', attrs=(u'mail',)) ipa: INFO: Forwarding 'aci_mod' to server u' https://server.gamma.domain.org/ipa/xml' ipa: INFO: Destroyed connection context.xmlclient ipa: ERROR: ACI with name "Modify Users" not found ============================================ ipa -v aci-show "Modify Users" ipa: INFO: skipping plugin module ipalib.plugins.cert: env.enable_ra is not True ipa: INFO: Created connection context.xmlclient ipa: INFO: aci_show(u'Modify Users') ipa: INFO: Forwarding 'aci_show' to server u' https://server.gamma.domain.org/ipa/xml' ipa: INFO: Destroyed connection context.xmlclient ipa: ERROR: ACI with name "Modify Users" not found ============================================ I am using the v1.9.0 version and I do not know if it is fixed now. -- Meilleures salutations / Best Regards Rachid ALAHYANE
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
