Hi,

Trying to get my head around these....is it possible to create a group 
administrator say "engineering team administrator"  and have that role only 
able to add specific users (how to specify?) to specific user groups (say) ie I 
want to be able to delegate responsibility for limited groups and users to 
others and limit their functioanilty...?

I dont find that section of the manual very easy to understand....I'd like 
examples or more explanation....

Also if such a say (bad) "engineering team administrator" could add anyone say 
THE admin to a group that the (bad) admin had password changes in/on then this 
allows the bad admin to change that admin user password............the user 
then effectively owns the IPA system...?


regards

Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to