I did try the  exact steps from the blog but alas still it did not work. 
getting same error :(









p-172-31-29-153.us-west-2.compute.internal: Insufficient access: Insufficient 
'write' privilege to the 'member' attribute of entry 
'cn=my-hostgroup,cn=hostgroups,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com'.
Regards,Deepak
> Date: Tue, 30 Aug 2016 13:04:07 +0300
> From: aboko...@redhat.com
> To: deepak_di...@hotmail.com
> CC: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] Permission not working as expected
> 
> On Tue, 30 Aug 2016, Deepak Dimri wrote:
> >Hi Alexander,
> >Thanks for the reply
> >i tried exact steps below but it still not working.  the admin user
> >added to new role and privilege we have created is  getting an error
> >when trying to add or remove host of myhostgroup.
> >ip-172-31-29-153.us-west-2.compute.internal: Insufficient access:
> >Insufficient 'write' privilege to the 'member' attribute of entry
> >'cn=myhostgroup,cn=hostgroups,cn=accounts,dc=us-west-2,dc=compute,dc=amazonaws,dc=com'.
> >not sure if DN (memberOf=cn=myhostgroup,cn=ng,cn=alt,dc=ipa,dc=ad,dc=test) 
> >would make any difference? I also noticed i dont get  Permission flags: V2, 
> >SYSTEM in my ipa output.  not sure if that would make any difference
> >I would really appreciate if this can be resolved...
> Read the other emails I sent in this thread.
> 
> The whole story is here:
> https://vda.li/en/posts/2016/08/30/Creating-permissions-in-FreeIPA/
> 
> -- 
> / Alexander Bokovoy
                                          
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to