Ian Levesque wrote:
I'm running version 2.0.0-23 under Scientific 6.1. I've noticed that users in the "User
Administrator" role, don't have access via the web UI to actually manage groups. The only link under
"Identity" is "Users". CLI management works as expected. Is this a known bug with the
relatively old version of FreeIPA I'm running?
$ ipa role-show "User Administrator"
Role name: User Administrator
Description: Responsible for creating Users and Groups
Member users: levesque
Privileges: user administrators, group administrators
$ ipa privilege-show "group administrators"
Privilege name: Group Administrators
Description: Group Administrators
Permissions: add groups, remove groups, modify groups, modify group
Granting privilege to roles: User Administrator
A similar issue was fixed in 2.1.3 but it affected all UI screens IIRC
(e.g. non-admins never saw anything extra).
Freeipa-users mailing list