On 05/08/2015 12:25 PM, nat...@nathanpeters.com wrote:
We have all of our users in a trusted Active Directory domain and it would
be nice to allow them to administer our DNS using their AD accounts.

I tried creating a group called DNS administrators and assigning it the
DNS administrator privilege and then adding my ad_domain_admin group
(containing the nested external group containing my ad groups), but when I
try to login to the webui it denies me access.

I see a ticket here regarding allowing this :
https://fedorahosted.org/freeipa/ticket/3242

It doesn't look like anything has happened on that ticket in the last 15
months though.

Any idea if / when this will be implemented?


There are no current plans. It is quite complex as we need to have a ticket for the user for ldap server to have this functionality enabled. This is the first time anyone from the community actually requested this feature. I think for the future planning it would be best if you can comment in the ticket and add your justification.
We will consider it in the next planning cycle.

--
Thank you,
Dmitri Pal

Director of Engineering for IdM portfolio
Red Hat, Inc.

--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to