Re: [Freeipa-users] ipa host-del not authorised
On 09/25/2014 04:11 AM, Alex Harvey wrote: Hi all I'm new to IPA and struggling a bit to automate some tasks. I am unable to delete hosts from the command line although have no problem doing this using the GUI, e.g. [root@myipaserver ~]# ipa host-del myhost.example.com ipa: ERROR: Insufficient access: not allowed to perform this command I guess I need to somehow pass the admin user's username and password? However the man page doesn't seem to provide any option for doing this. Thanks Alex Hello Alex, I assume you created a non-admin user with some permissions allow deleting a host. This error message is thrown when a virtual operation check fails. This is raised for example when a user is trying to do unathorized operation with certificates, like if user having host deletion permission does not also have permission to revoke certificates for deleted users. Does the privileged user has Revoke Certificate permission assigned through some privilege/role? The mismatch of behavior between CLI and UI is strange. They call the same code, maybe you run it with different users. Also, what is your FreeIPA version? Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
[Freeipa-users] ipa host-del not authorised
Hi all I'm new to IPA and struggling a bit to automate some tasks. I am unable to delete hosts from the command line although have no problem doing this using the GUI, e.g. [root@myipaserver ~]# ipa host-del myhost.example.com ipa: ERROR: Insufficient access: not allowed to perform this command I guess I need to somehow pass the admin user's username and password? However the man page doesn't seem to provide any option for doing this. Thanks Alex -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] ipa host-del not authorised
Did you try executing this first: kinit admin On Sep 24, 2014 8:13 PM, Alex Harvey alexharv...@gmail.com wrote: Hi all I'm new to IPA and struggling a bit to automate some tasks. I am unable to delete hosts from the command line although have no problem doing this using the GUI, e.g. [root@myipaserver ~]# ipa host-del myhost.example.com ipa: ERROR: Insufficient access: not allowed to perform this command I guess I need to somehow pass the admin user's username and password? However the man page doesn't seem to provide any option for doing this. Thanks Alex -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
