Hi,

I'm facing the same problem.

The steps are
- create user /tester/ using the ovirt-aaa-jdbc-tool
- login as admin into admin portal
- add tester user in Administration -> Users
- choose one VM and add UserRole role

- login as tester into User Portal
- user could see all VMs.

The problem could be that the user is part of the group Everyone and
this group could be found in Administration -> Configure > System
Permissions. When you check the group permission, it seems to be
automatically populated by engine.

In my case I'm using the default DC, default cluster and 'internal' profile.

It seems that all engine objects are included in the Everyone group.

        regards
                Peter

On 15/05/2018 22:03, Roy Golan wrote:
> 
> 
> On Tue, 15 May 2018 at 21:47 Aziz <[email protected]> wrote:
> 
> Hi Roy,
> 
> Thanks for your feedback, I'm unable to remove the user from the
> cluster, I used the command "ovirt-aaa-jdbc-tool user add" to
> add the new user, and it seems that by default it took all
> permissions over the cluster. Is there any document describing this
> feature in detail?
> 
> 
> 
> In the webadmin go to Administration -> Configure > System
> Permissions. If the user is there, remove him. Then search for the
> VM and add permissions to the user on the VM. Check your end result
> in the 'permissions' section of the VM to see who has permissions on
> it.
>
> This should be helpful, quite long though:
> https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles/
>
> This is for the tool itself:
> https://www.ovirt.org/develop/release-management/features/infra/aaa-jdbc/
>
> 
> 
> 
> Thanks
> 
> On Tue, May 15, 2018 at 6:31 PM, Roy Golan <[email protected]> wrote:
> 
> 1. Make sure your users use the VM portal.
> 2. Assign permission on VM to a certain user to make sure it appears
> in the portal. The Role should be VmOperator afaik.
>
> Permissions set on objects higher in the hierarchy are cascading,
> i.e. a user with permission on a cluster would have the permission
> on all the VMs in the cluster.
> 
> 
> On Tue, 15 May 2018 at 20:59 Aziz <[email protected]> wrote:
> 
> Hi list,
> 
> I'm trying to remove the default "everyone" user from oVirt, so
> that each user can have access to its own interface to manage a
> unique VM. I wonder if this is possible, because so far I'm unable
> to remove everyone user.
> 
> Thank you
> 
> 
> _______________________________________________ Users mailing list
> -- [email protected] <mailto:[email protected]> To unsubscribe send an
> email to [email protected] <mailto:[email protected]>
> 


-- 
*Peter Hudec*
Infrastructure Architect
[email protected]

*CNC, a.s.*
Borská 6, 841 04 Bratislava
Reception: +421 2  35 000 100

Mobile: +421 905 997 203
*www.cnc.sk* <http://www.cnc.sk>

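
The cascading behaviour Roy describes, combined with the Everyone entry Peter found under System Permissions, as a simplified model. This is an added example, not part of the thread and not oVirt engine code. The object names, the role given to Everyone and the rule that any role makes a VM visible are assumptions made for illustration.

```python
# Simplified model of cascading permissions; not oVirt engine code.
# Object names, group data and the sample grants below are constructed.
from typing import NamedTuple

class Grant(NamedTuple):
    principal: str   # user or group name
    role: str
    obj: str         # object the role is assigned on

# child -> parent; "system" is the root that System Permissions apply to
PARENT = {
    "dc:Default": "system",
    "cluster:Default": "dc:Default",
    "vm:web01": "cluster:Default",
    "vm:db01": "cluster:Default",
}
GROUPS = {"tester": {"Everyone"}}   # the user is part of the Everyone group

def ancestors(obj):
    """Yield obj and every object above it, up to the system root."""
    while obj is not None:
        yield obj
        obj = PARENT.get(obj)

def effective_grants(user, obj, grants):
    """Grants that reach `obj` for `user`: direct, via a group, or inherited."""
    principals = {user} | GROUPS.get(user, set())
    chain = set(ancestors(obj))
    return [g for g in grants if g.principal in principals and g.obj in chain]

def visible_vms(user, grants):
    """Assumption: holding any role on a VM (or above it) makes it visible."""
    return sorted(o for o in PARENT
                  if o.startswith("vm:") and effective_grants(user, o, grants))

def system_level_grants(grants):
    """Audit helper: grants on the root cascade to every object below it."""
    return [g for g in grants if g.obj == "system"]

# Constructed state matching the report: UserRole on one VM, plus a
# system-level entry for Everyone (its role name is a placeholder).
REPORTED = [
    Grant("tester", "UserRole", "vm:web01"),
    Grant("Everyone", "UserRole", "system"),
]
# For comparison: the same grants with no system-level entry.
NO_SYSTEM_GRANT = [g for g in REPORTED if g.obj != "system"]

if __name__ == "__main__":
    print("reported state:", visible_vms("tester", REPORTED))
    print("no system grant:", visible_vms("tester", NO_SYSTEM_GRANT))
    print("cascading to everything:", system_level_grants(REPORTED))
```

Calling `effective_grants("tester", "vm:db01", REPORTED)` shows which grant makes a VM visible that was never assigned to the user directly.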