Re: [Freeipa-users] WebUI questions.
On 02/13/2014 08:09 PM, Rob Crittenden wrote: Brent Clark wrote: When I assign a user the role of User Administrator, when they log into the WebUI, they can see all the role, dns, config, tab and links. DNS as well? It should be already hidden by default: https://fedorahosted.org/freeipa/ticket/2569 They should only see the necessary tabs and links that having that role requires and none of the extra stuff. Is there a way to limit when appears in the WebUI based on Role? Not yet, see https://fedorahosted.org/freeipa/ticket/217 rob Web UI is more or less just a UI to IPA LDAP instance. So even if you hide it in the UI, user could still see the data with LDAP browser. This is something we are working on and are fixing in 3.4, so that Administrator have more granularity in selecting who can see what data: https://fedorahosted.org/freeipa/ticket/3566 Martin ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] WebUI questions.
On 02/13/2014 01:51 PM, Brent Clark wrote: When I assign a user the role of User Administrator, when they log into the WebUI, they can see all the role, dns, config, tab and links. They should only see the necessary tabs and links that having that role requires and none of the extra stuff. Is there a way to limit when appears in the WebUI based on Role? https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/Identity_Management_Guide/index.html#server-access-controls -- Brent S. Clark NOC Engineer 2580 55th St. | Boulder, Colorado 80301 www.tendrilinc.com http://www.tendrilinc.com/ | blog http://www.tendrilinc.com/news-room/blog/ http://www.tendrilinc.com/ This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. --- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] WebUI questions.
Brent Clark wrote: When I assign a user the role of User Administrator, when they log into the WebUI, they can see all the role, dns, config, tab and links. They should only see the necessary tabs and links that having that role requires and none of the extra stuff. Is there a way to limit when appears in the WebUI based on Role? Not yet, see https://fedorahosted.org/freeipa/ticket/217 rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users