Hi, I have a user that's a member of the "user administrator" role. When this user attempts to change the gid of a user an error occur.
ipa: ERROR: Insufficient access: Insufficient 'write' privilege to the 'gidNumber' attribute of entry Looking at the privilege "user administrators" attached to the role, and the permission "modify users" attached to the privilege, I see that "gidnumber" is not ticked as a target to allow "modify users" to write to. So permissions are handeled correctly, but the write permission to gidnumber is missing. Is this a bug or intentional? I would see it as natural that a user admin has access to also change the gidnumber of a user. Rgds, Siggi _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users