I execute this command hoping it'll work but I get some errors :

on my client
======================================
ipa -v aci-mod --taskgroup=modifyusers --permissions=write --attrs=mail
--type=user "Modify Users"
ipa: INFO: skipping plugin module ipalib.plugins.cert: env.enable_ra is not
True
ipa: INFO: Created connection context.xmlclient
ipa: INFO: aci_mod(u'Modify Users', taskgroup=u'modifyusers',
permissions=(u'write',), attrs=(u'mail',), type=u'user')
ipa: INFO: Forwarding 'aci_mod' to server u'
https://server.gamma.domain.org/ipa/xml'
ipa: INFO: Destroyed connection context.xmlclient
ipa: ERROR: an internal error has occurred
======================================

logs on the server
======================================
==> /var/log/httpd/error_log <==
[Thu Jun 10 18:30:31 2010] [error] ipa: INFO: Created connection
context.ldap2
[Thu Jun 10 18:30:31 2010] [error] ipa: DEBUG: raw: aci_mod(u'Modify Users',
taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',),
type=u'user')
[Thu Jun 10 18:30:31 2010] [error] ipa: INFO: aci_mod(u'Modify Users',
taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',),
type=u'user')
[Thu Jun 10 18:30:31 2010] [error] ipa: ERROR: non-public: KeyError:
'targetfilter'
[Thu Jun 10 18:30:31 2010] [error] Traceback (most recent call last):
[Thu Jun 10 18:30:31 2010] [error]   File
"/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 206, in
wsgi_execute
[Thu Jun 10 18:30:31 2010] [error]     result = self.Command[name](*args,
**options)
[Thu Jun 10 18:30:31 2010] [error]   File
"/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 401, in __call__
[Thu Jun 10 18:30:31 2010] [error]     ret = self.run(*args, **options)
[Thu Jun 10 18:30:31 2010] [error]   File
"/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 669, in run
[Thu Jun 10 18:30:31 2010] [error]     return self.execute(*args, **options)
[Thu Jun 10 18:30:31 2010] [error]   File
"/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py", line 374, in
execute
[Thu Jun 10 18:30:31 2010] [error]     kw['filter'] =
aci.target['targetfilter']['expression']
[Thu Jun 10 18:30:31 2010] [error] KeyError: 'targetfilter'
[Thu Jun 10 18:30:31 2010] [error] ipa: INFO: response: InternalError: an
internal error has occurred
[Thu Jun 10 18:30:31 2010] [error] ipa: INFO: Destroyed connection
context.ldap2
======================================

Hoping it will help.

NB : Sorry Rob for the duplicate mail ;)

2010/6/10 ALAHYANE Rachid <afk...@gmail.com>

> Thank you for your response,
>
>
>> As an aside though I wouldn't set the ipausers as a memberof on this ACI.
>> What that will do is allow any user to modify any other user. I doubt this
>> is what you want.
>>
>> You are right, it is not what I want to do. My second command is wrong:
> ipa -v aci-mod "Modify Users" --attrs=mail --memberof=ipausers
>
> However, what I want to do is modify "Modify Users" ACI by adding the
> attribute "mail" in the targetattr. I do not assimilate yet the syntaxe of
> aci commands.
>
> Thanks for help
>
>
>> Even if you did it would be better to add the ipausers group as a member
>> of the "Modify Users" rolegroup.
>>
>> rob
>>
>
>
>
> --
> Meilleures salutations / Best Regards
> Rachid ALAHYANE
>
>


-- 
Meilleures salutations / Best Regards
Rachid ALAHYANE
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to