#4419 [RFE] Add CLI/UI for authorizing fetching existing keytab
Closed: Fixed None Opened 5 years ago by mkosek.

#3859 enabled ipa-getkeytab to fetch existing keytab. This is authorized via allowedToPerform;read_keys attribute in the target entry containing a DN of a user/group allowed to fetch the keytab.

Add CLI/UI to set this attribute.


server part:

master:

  • 59ee631 keytab manipulation permission management
  • b69a8da tests: management of keytab permissions

ipa-4-1:

  • 9cfcb03 keytab manipulation permission management
  • 7313ed4 tests: management of keytab permissions

Web UI:

master:

  • d8f05d8 webui: management of keytab permissions

ipa-4-1:

  • 905238f webui: management of keytab permissions

Metadata Update from @mkosek:
- Issue assigned to pvoborni
- Issue set to the milestone: FreeIPA 4.1

2 years ago

Login to comment on this ticket.

Metadata