Ok so I will Initially create the account. So far my tests went ok, this
special user can change the users group and password , ONLY if they are
in the group sftponly. So that's ok. But I cannot seem to figure out how
to give Fred permission to be able to disable and enable a user in the
sftponly group group. Is this possible?
Rob Morin
Systems/Network Administrator
Hardent Inc.
On 11/28/2017 11:13 AM, Rob Crittenden wrote:
Rob Morin via FreeIPA-users wrote:
> Hello all...
>
> I was wondering if someone could help me out, is it possible to have a
> user administer only one host/server. Meaning they would log on to
> freeipa gui and be able to change a password or lock and account for one
> host only. In our case our sftp server where someone else wants to
> administer it, when i am not around, like add a user and so on.
>
> Is this possible?
User accounts can't be created or locked per-host because they are
centralized.
rob