$ ipa permission-show 'Add Roles' --all dn: cn=Add Roles,cn=permissions,cn=pbac,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com Permission name: Add Roles Permissions: add Bind rule type: permission Subtree: dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com ACI target DN: cn=*,cn=roles,cn=accounts,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com Granted to Privilege: Delegation Administrator objectclass: ipapermission, top, groupofnames, ipapermissionv2
The ipapermissionv2 is not actually present on the entry but added to the result (along with other attributes that aren't on the entry but we do want to see them).
ipapermissionv2
master: 3dcad00
Metadata Update from @pviktori: - Issue assigned to pviktori - Issue set to the milestone: FreeIPA 4.0 - 2014/03
Login to comment on this ticket.