Many thanks for the replies here -
As it turned out I just needed to run kinit admin and enter the password,
as Net Vent suggested, and that resolved the issue. For that matter, I
found I could also simply run su - admin and then run the ipa host-del
command and also achieve the same result.
On 25 September 2014 18:41, Martin Kosek <mko...@redhat.com> wrote:
> On 09/25/2014 04:11 AM, Alex Harvey wrote:
> > Hi all
> > I'm new to IPA and struggling a bit to automate some tasks.
> > I am unable to delete hosts from the command line although have no
> > doing this using the GUI, e.g.
> > [root@myipaserver ~]# ipa host-del myhost.example.com
> > ipa: ERROR: Insufficient access: not allowed to perform this command
> > I guess I need to somehow pass the admin user's username and password?
> > However the man page doesn't seem to provide any option for doing this.
> > Thanks
> > Alex
> Hello Alex,
> I assume you created a non-admin user with some permissions allow deleting
> a host.
> This error message is thrown when a virtual operation check fails. This is
> raised for example when a user is trying to do unathorized operation with
> certificates, like if user having host deletion permission does not also
> permission to revoke certificates for deleted users.
> Does the privileged user has "Revoke Certificate" permission assigned
> some privilege/role?
> The mismatch of behavior between CLI and UI is strange. They call the same
> code, maybe you run it with different users.
> Also, what is your FreeIPA version?
Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project