Trying to get my head around these....is it possible to create a group 
administrator say "engineering team administrator"  and have that role only 
able to add specific users (how to specify?) to specific user groups (say) ie I 
want to be able to delegate responsibility for limited groups and users to 
others and limit their functioanilty...?

I dont find that section of the manual very easy to understand....I'd like 
examples or more explanation....

Also if such a say (bad) "engineering team administrator" could add anyone say 
THE admin to a group that the (bad) admin had password changes in/on then this 
allows the bad admin to change that admin user password............the user 
then effectively owns the IPA system...?


Steven Jones

Technical Specialist - Linux RHCE

Victoria University, Wellington, NZ

0064 4 463 6272

Freeipa-users mailing list

Reply via email to