I execute this command hoping it'll work but I get some errors : on my client ====================================== ipa -v aci-mod --taskgroup=modifyusers --permissions=write --attrs=mail --type=user "Modify Users" ipa: INFO: skipping plugin module ipalib.plugins.cert: env.enable_ra is not True ipa: INFO: Created connection context.xmlclient ipa: INFO: aci_mod(u'Modify Users', taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',), type=u'user') ipa: INFO: Forwarding 'aci_mod' to server u' https://server.gamma.domain.org/ipa/xml' ipa: INFO: Destroyed connection context.xmlclient ipa: ERROR: an internal error has occurred ======================================
logs on the server ====================================== ==> /var/log/httpd/error_log <== [Thu Jun 10 18:30:31 2010] [error] ipa: INFO: Created connection context.ldap2 [Thu Jun 10 18:30:31 2010] [error] ipa: DEBUG: raw: aci_mod(u'Modify Users', taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',), type=u'user') [Thu Jun 10 18:30:31 2010] [error] ipa: INFO: aci_mod(u'Modify Users', taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',), type=u'user') [Thu Jun 10 18:30:31 2010] [error] ipa: ERROR: non-public: KeyError: 'targetfilter' [Thu Jun 10 18:30:31 2010] [error] Traceback (most recent call last): [Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 206, in wsgi_execute [Thu Jun 10 18:30:31 2010] [error] result = self.Command[name](*args, **options) [Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 401, in __call__ [Thu Jun 10 18:30:31 2010] [error] ret = self.run(*args, **options) [Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 669, in run [Thu Jun 10 18:30:31 2010] [error] return self.execute(*args, **options) [Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py", line 374, in execute [Thu Jun 10 18:30:31 2010] [error] kw['filter'] = aci.target['targetfilter']['expression'] [Thu Jun 10 18:30:31 2010] [error] KeyError: 'targetfilter' [Thu Jun 10 18:30:31 2010] [error] ipa: INFO: response: InternalError: an internal error has occurred [Thu Jun 10 18:30:31 2010] [error] ipa: INFO: Destroyed connection context.ldap2 ====================================== Hoping it will help. NB : Sorry Rob for the duplicate mail ;) 2010/6/10 ALAHYANE Rachid <[email protected]> > Thank you for your response, > > >> As an aside though I wouldn't set the ipausers as a memberof on this ACI. >> What that will do is allow any user to modify any other user. I doubt this >> is what you want. >> >> You are right, it is not what I want to do. My second command is wrong: > ipa -v aci-mod "Modify Users" --attrs=mail --memberof=ipausers > > However, what I want to do is modify "Modify Users" ACI by adding the > attribute "mail" in the targetattr. I do not assimilate yet the syntaxe of > aci commands. > > Thanks for help > > >> Even if you did it would be better to add the ipausers group as a member >> of the "Modify Users" rolegroup. >> >> rob >> > > > > -- > Meilleures salutations / Best Regards > Rachid ALAHYANE > > -- Meilleures salutations / Best Regards Rachid ALAHYANE
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
