create-portal-user: cannot add "System: Read User Addressbook" privilege #22

Open
frasertweedale opened this issue Aug 14, 2015 · 2 comments

Comments

@frasertweedale

[f22-6:~/dev/freeipa] [ master ] ftweedal% create-portal-user  
---------------------------------------------
Added privilege "Portal management privilege"
---------------------------------------------
  Privilege name: Portal management privilege
  Description: Portal privileges
ipa: ERROR: invalid 'permission': cannot add permission "System: Read User Addressbook Attributes" with bindtype "all" to a privilege
------------------------------
Added role "Portal management"
------------------------------
  Role name: Portal management
  Description: self-service portals
  Role name: Portal management
  Description: self-service portals
  Privileges: Portal management privilege
----------------------------
Number of privileges added 1
----------------------------
-------------------
Added user "portal"
-------------------
  User login: portal
  First name: Self
  Last name: Service
  Full name: Self Service
  Display name: Self Service
  Initials: SS
  Home directory: /home/portal
  GECOS: Self Service
  Login shell: /bin/sh
  Kerberos principal: [email protected]
  Email address: [email protected]
  UID: 729600012
  GID: 729600012
  Password: False
  Member of groups: ipausers
  Kerberos keys available: False
  Role name: Portal management
  Description: self-service portals
  Member users: portal
  Privileges: Portal management privilege
-------------------------
Number of members added 1
-------------------------
@frasertweedale changed the title from 'create-portal-uesr: cannot add "System: Read User Addressbook" privilege' to 'create-portal-user: cannot add "System: Read User Addressbook" privilege' on Aug 14, 2015
@frasertweedale

More info: attempting to add the permission gives error:

invalid 'permission': cannot add permission "System: Read User Standard Attributes" with bindtype "anonymous" to a privilege

Likewise for the "Read User Addressbook" permission, which is not an "anonymous" but an "all" privilege.

IMO, we should add the permissions one-by-one and ignore if a permission cannot be added to the privilege with an error like this.

@tiran

tiran commented Aug 19, 2015

The problem has been addressed by PR #28. The new script prints a warning.
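
The approach suggested above (add permissions one at a time and warn instead of failing when FreeIPA rejects one because of its bindtype), as an added example that is not the script from PR #28 or any code from this project. The `add_permissions` function, the `IPA_CMD` override and the `SKIPPED` variable are hypothetical names; it assumes `ipa privilege-add-permission` exits non-zero and prints the error text shown in this issue.

```shell
#!/bin/sh
# Added example, not the project's script.
# IPA_CMD is a hypothetical override so the ipa CLI can be replaced by a
# stub when testing offline; it defaults to the real "ipa" command.
IPA_CMD="${IPA_CMD:-ipa}"

# add_permissions PRIVILEGE PERMISSION...
# Adds each permission with its own call. Only the bindtype rejection
# reported in this issue is downgraded to a warning; any other failure
# (no Kerberos ticket, unknown permission name, ...) aborts with status 1,
# so real errors are not silently ignored.
# Sets SKIPPED to the number of permissions that were skipped.
add_permissions() {
    privilege=$1
    shift
    SKIPPED=0
    for perm in "$@"; do
        # LC_ALL=C keeps the error text untranslated so it can be matched.
        if out=$(LC_ALL=C "$IPA_CMD" privilege-add-permission "$privilege" \
                 --permissions="$perm" 2>&1); then
            continue
        fi
        case $out in
            *"cannot add permission"*"with bindtype"*"to a privilege"*)
                echo "WARNING: skipped \"$perm\": $out" >&2
                SKIPPED=$((SKIPPED + 1))
                ;;
            *)
                echo "ERROR: adding \"$perm\" failed: $out" >&2
                return 1
                ;;
        esac
    done
    return 0
}
```

Matching on the error text rather than ignoring every non-zero exit keeps a partially provisioned privilege from going unnoticed.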

tiran added a commit that referenced this issue Aug 20, 2015
The permission name is plural

    System: Read Stage Users

not singular

    System: Read Stage User

Closes #10
Closes #22
tiran added a commit that referenced this issue Aug 26, 2015
The permission name is plural

    System: Read Stage Users

not singular

    System: Read Stage User

Closes #10
Closes #22