Zeal Vora wrote:

I was planning to have a user who will have access to the below set of
permissions :-

1. kinit <user>
2. ipa host-add
3. ipa-host-add-managedby
4. ipa-getkeytab

I was wondering on what would be the minimum required permission for
this user? I was planning to use specific user other then the admin,

Any help will be appreciated!

I'd look at the Host Enrollment privilege to see if it does what you need. You might have to add Modify Hosts in order to add managedby (or create a similar privilege).


Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to