A user will be able to list all other users and be able to read their
attributes. But will not be able to change anything.

Is that an issue ? I mean on a Linux box you can read /etc/passwd file
which has info about all users on that box. This doesn't cause issues.

On 8 March 2016 at 03:03, Matt Wells <matt.we...@mosaic451.com> wrote:

> Hi all, I had a quick question.  I swear I had this before but that could
> be the voices telling me it's true....
> A normal user is logging into IPA (4.2.0) and filling in their phone
> number and info no problem.  However when that user clicks on accounts
> above they are then able to peruse the entire directory and all the other
> user accounts.
> I'm trying to remove that but for the life of me can't recall the ACI or
> where that may be.
>
> I really appreciate it, I'll continue to search through the previous
> questions and if I find it before a reply will mark this closed with the
> link.
> Thank you all -
> Wells
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to