-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I have found 2 related bug, a little bit older
https://bugzilla.redhat.com/show_bug.cgi?id=1209505 https://bugzilla.redhat.com/show_bug.cgi?id=1225274 But these are related only to DiskProfile. I haven't found any work about 'Everyone' group in documentation, so I'm little bit confused why there is such a group. Peter On 15/05/2018 23:02, Peter Hudec wrote: > Hi, > > I'm fancing the same problem. > > The steps are - create user /tester/ using the ovirt-aaa-jdbc-tool > - login as admin into admin portal - add tester user in > Administation -> Users - choose one VM and add UserRole role > > - login as testr into User Potal - user could see all VM.. > > The problem could be, that the user is part of the group Everyone > and this group could be found in Administration -> Configure > > System Permissions. When you check the group permisson, it seems > to be automatically populated by engine. > > In my case I[m using default DC, default cluster and 'internal' > profile . > > Seems that all engine object is included in Everyone group. > > regards Peter > > On 15/05/2018 22:03, Roy Golan wrote: > > >> On Tue, 15 May 2018 at 21:47 Aziz <[email protected] >> <mailto:[email protected]>> wrote: > >> Hi Roy, > >> Thanks for your feedback, I'm unable to remove the user from the >> cluster, I used the command "|ovirt-aaa-jdbc-tool user add|" to >> add the new user, and it seems that by default it took all >> permissions over the cluster. Is there any document describing >> this feature in details ? > > > >> In the webadmin go to Administration -> Configure > System >> Permissions. If the user is there, remove him. Then search for >> the VM and add permissions to the user on the VM Check your end >> result in the 'permisions' section of the VM to see who has >> permissions on it. > >> This should be helpful, quite long though >> https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles/ > >> >> > > This is for the tool itself >> https://www.ovirt.org/develop/release-management/features/infra/aaa-j d > >> >> bc/ > > > > >> Thanks > >> On Tue, May 15, 2018 at 6:31 PM, Roy Golan <[email protected] >> <mailto:[email protected]>> wrote: > >> 1. Make sure your users use the VM portal 2. Assign permission on >> VM to a certain user to make sure it apears in the portal. The >> Role should be VmOperator afaik. > >> Permission set on objects higher in the hierarchy are cascading, >> i.e a user with permission on a cluster would have the permission >> on the all the vm in cluster. > > >> On Tue, 15 May 2018 at 20:59 Aziz <[email protected] >> <mailto:[email protected]>> wrote: > >> Hi list, > >> I'm trying to remove the default "everyone" user from Ovirt, so >> that each user can have access to its own interface to manage a >> unique VM. I wonder if this is possible, because so far I'm >> unable to remove everyone user. > >> Thank you > > >> _______________________________________________ Users mailing >> list -- [email protected] <mailto:[email protected]> To unsubscribe >> send an email to [email protected] >> <mailto:[email protected]> > > > > >> _______________________________________________ Users mailing >> list -- [email protected] To unsubscribe send an email to >> [email protected] > > > > - -- *Peter Hudec* Infraštruktúrny architekt [email protected] <mailto:[email protected]> *CNC, a.s.* Borská 6, 841 04 Bratislava Recepcia: +421 2 35 000 100 Mobil:+421 905 997 203 *www.cnc.sk* <http:///www.cnc.sk> -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEqSUbhuEwhryifNeVQnvVWOJ35BAFAlr79fIACgkQQnvVWOJ3 5BBGXxAAsa0Rhs+bCisRfnD665bvRpA81yoRRJQFVYSnDZOqWVZzzTsnY4CtBAOM MG4CTvbvHXHCL304O0a4xBqpwINzcXSieyx2Vqbcxe2Fq+VRqRgq+z+3wm1L26Eb 6KraPpTlieXmbvYD2Wfu8PcGS1JFwS37FnV98EadiPCahPO7JQUBRLaErQZvi986 BZ7x/qUZWk5C4sEkP+eCM/94u3ZaMB4LSLXJqvHLpRYEGs1aOc4xhrxWVO2HLc4t aaVveS40rufogjjHzV0E++fx9XFpHpIHwfG8DsVZsIz5yyq9qQz+mt0gmvM7A81m myJQit/bQ/9j/ew/7pJNKtmv4fOB4hkCrn9tgLyhc9JIvRGmG9zymMloXdSAWvqr eKSsVOcInmgb+gsKS0upIR+Ow3zGeUzwkHdqTJAtNtyg66DpNKvT2B010t86vO9z 4ggTVcMG/+Y2c3Zu78yCSSI+0rO/R+kSTL/v8QlCk5ke4OW5iXNEIFhuUZY8905U OesB27XqXdJtZibaL6YGNG3f8GcaQgNhkGPmzVxIge+KQNwLOyV4VIJaYEFAiJgz H2OIGzKKk97OhWmRm68NUYebdyG6Pi6SL2M3fhzb0Qn/YiUCr/GygQfd455ok81e tF5UxMz1mHSN9UQV30GaPy+pR70bh3AF83E4vmjznKAmhspBB68= =7qJi -----END PGP SIGNATURE----- _______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected]
