On 02/13/2014 08:09 PM, Rob Crittenden wrote:
> Brent Clark wrote:
>> When I assign a user the role of "User Administrator", when they log
>> into the WebUI, they can see all the role, dns, config, tab and links.
DNS as well? It should be already hidden by default:
>> They should only see the necessary tabs and links that having that role
>> requires and none of the extra stuff.
>> Is there a way to limit when appears in the WebUI based on Role?
> Not yet, see https://fedorahosted.org/freeipa/ticket/217
Web UI is more or less just a UI to IPA LDAP instance. So even if you hide it
in the UI, user could still see the data with LDAP browser. This is something
we are working on and are fixing in 3.4, so that Administrator have more
granularity in selecting who can see what data:
Freeipa-users mailing list