On 18.5.2016 10:27, Marc Peiser wrote: > Hi all, > > We're busy rolling out freeipa internally and one thing we would like to > limit is the ability for normal users to view all users in the directory > via the self service portal. We only want the user to see their particular > details. Is this possible?
This could theoretically be done using ACI in LDAP but please see https://www.redhat.com/archives/freeipa-users/2016-March/msg00071.html for elaborate discussion. It would have significant consequences. -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project