Thanks a lot, Dmitri. That's exactly I am looking for.
--David.
From: Dmitri Pal
To: freeipa-users@redhat.com
Sent: Wednesday, December 19, 2012 2:58 PM
Subject: Re: [Freeipa-users] Any way to delegate subordinate account management
to managers?
On 12/19/2012 05:11 PM, David Copperfield wrote:
>
>Hi all,
>
>
> Just wonder whether there is a way to delegate to managers the
>authority/permissions to manage his/her subordinate user accounts? Similar to
>host/services delegation. Please elaborate if there is a way to reach this or
>similar.
>
>
>Let's say, we create a user group of subordinate employee accounts, then let
>the particular manager to do the management work for the group, like:
>
>
>1, reset passwords for the subordinates (main work)
>2, change/update some attributes of the subordinates.
>3, if possible, remove one or more subordinate accounts.
>
>
>Thanks.
>
>
I think you need to look at the Delegated administration capabilities of IPA.
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html-single/Identity_Management_Guide/index.html#delegating-users
>
>
>
>___
Freeipa-users mailing list Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
--
Thank you,
Dmitri Pal Sr. Engineering Manager for IdM portfolio
Red Hat Inc. ---
Looking to carve out IT costs? www.redhat.com/carveoutcosts/
___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users___
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users
