I am trying to reduce the rights to an account so that it can only add 
and remove machines from the IPA server.  It will be used for scripts to run as 
this user to bind machines that are stood up adhoc to the IPA server, and then 
clean them up after they are ready for shutdown.   However, I don't want users 
that are allowed this access to be able to do much else (like remove my account 
or any of my engineers accounts).  I was wondering if anyone had any words of 
wisdom on how to do this before I started doing guess and check research (since 
a few google search have yielded nothing).  

John Moyer
Digital Reasoning Systems, Inc.

Freeipa-users mailing list

Reply via email to