This is so that some service identities and their keytabs can be used to perform operations against the ipa framework (for example a dhcp server may have a custom script to add information to ipa).
This can be done by allowing to add service objects to roles.
Might be related to DHCP integration.
Might be needed for SMART proxy.
Closed #4386 as duplicate
This would be ease implementation of DNSSEC support and improve code maintainability.
This is also needed for the Foreman smart proxy. Right now it uses a user account which is suboptimal.
Linking to main PermissionsV2 bug.
master:
ipa-4-1:
Web UI follow up ticket created: #4507.
Metadata Update from @simo: - Issue assigned to pviktori - Issue set to the milestone: FreeIPA 4.1
Login to comment on this ticket.