On 05/08/2015 12:25 PM, nat...@nathanpeters.com wrote:
We have all of our users in a trusted Active Directory domain and it would
be nice to allow them to administer our DNS using their AD accounts.

I tried creating a group called DNS administrators and assigning it the
DNS administrator privilege and then adding my ad_domain_admin group
(containing the nested external group containing my ad groups), but when I
try to login to the webui it denies me access.

I see a ticket here regarding allowing this :

It doesn't look like anything has happened on that ticket in the last 15
months though.

Any idea if / when this will be implemented?

There are no current plans. It is quite complex as we need to have a ticket for the user for ldap server to have this functionality enabled. This is the first time anyone from the community actually requested this feature. I think for the future planning it would be best if you can comment in the ticket and add your justification.
We will consider it in the next planning cycle.

Thank you,
Dmitri Pal

Director of Engineering for IdM portfolio
Red Hat, Inc.

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to