Hi all, What are the user attributes that A manager should be granted with read&write permissions to reset passwords for subordinate employees? The typical implementation case: managers need to take care of password reset requests for their subordinate employees.
I select 'userpassword' field the first time but it fails, then combine it with other a few krb* fields but those don't help neither. If you have the minimum field combinations to make the 'password changing' delegation work, please feel free to post your results here. Presently I just select ALL fields with read&right permissions to make it work, but that definitely is a over kill and hurts privacy potentially. Thanks. --David
_______________________________________________ Freeipa-users mailing list Freeipaemail@example.com https://www.redhat.com/mailman/listinfo/freeipa-users