Various configuration tasks requires root or directory manager rights and therefore cannot be done from API.
Example:
This ticket serves for collecting use cases or tickets(this one as blocking) which requires such feature.
During various discussions this was referred as privileged daemon which would observe some parts of LDAP tree and ,e.g., run various oddjob tasks based on the changes. But let's not force a specific implementation yet.
Metadata Update from @pvoborni: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
Another case: configuration of compat tree, #6882
Metadata Update from @pvoborni: - Custom field blocking reset (from #5953) - Issue close_status updated to: None
Login to comment on this ticket.