Hi Michal,
Hi oVirt community,DataCenterAdmin is Administrator role and from what I understand these roles can see everything. There is no specific user role similar to this for whole DC. If you use UserVmManager on DC it should be propagated to all VMs in that DC.
I'm playing with a multitenant use-case in oVirt 3.4.6... My setup is as follows:- I have two working Data Centers (DC1 and DC2)- I created two additional users DC1-admin and DC2-admin- In DC1 permission settings I've added DC1-admin as a user with a builtin DataCenterAdmin Role.- In DC2 permission settings I've added DC2-admin as a user with a builtin DataCenterAdmin Role.
Now in terms of permissions all is good: DC1-admin is not able to modify anything in DC2 and DC2-admin is not able to modify anything in DC1.
However in both the Admin Portal and the VM Portal DC1-admin and DC2-admin can still see all other datacenter resources.My expectation was that if I login to the Admin Portal as e.g. DC2-admin I will only see DC2 datacenter in the GUI and nothing else. Same with VM Portal. I played with different user settings but I couldn't make it work...
Best regards,I think the problem is that whatever user you create it will always belong to the build-in "everyone" group and inherit permission to see everything in the portal.Is it possible to achieve a scenario where e.g. DC2-admin will login to the Admin Portal and only see resources that belong to DC2 and nothing else?
Thanks,Michal
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-leave@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/KF6PN6WBHPMQ5YKUNI7PU7MSEMIOOXSA/
-- Lucie Leistnerova Senior Quality Engineer, QE Cloud, RHVM Red Hat EMEA IRC: lleistne @ #rhev-qe