John Petrini via FreeIPA-users wrote:
Can anyone give me some guidance on how to create a permission that
allows a user to list (search) DNS zones? I know how to setup per-zone
permissions using dnszone-add-permission but in this case I just want
the user to be able to get a list of zones, not modify individual zones.
There is no specific permission for DNS zones at the moment, it is all
or nothing provided by the permission "System: Read DNS Entries".
You could try creating your own if you want to limit visibility just to