[ovirt-users] user permissions
Oved Ourfali
ovedo at redhat.com
Tue Jul 22 10:16:34 UTC 2014
Setting PowerUser for some user on System or on a DC should be enough to create VMs on it.
What error do you get?
Can you share your logs?
----- Original Message -----
> From: "Jorick Astrego" <j.astrego at netbulae.eu>
> Cc: users at ovirt.org
> Sent: Tuesday, July 22, 2014 12:26:38 PM
> Subject: Re: [ovirt-users] user permissions
>
> I had it set on the system (with the configure button) and the DC but
> tried every combination I could think off.
>
> Also created a new user type role with all the user permissions selected.
>
> Kind regards,
> Jorick Astrego
>
>
>
> On 07/22/2014 11:16 AM, Oved Ourfali wrote:
> > On what object did you assign the PowerUser role?
> > A permission consist of user+role+object.
> >
> > ----- Original Message -----
> >> From: "Jorick Astrego" <j.astrego at netbulae.eu>
> >> To: users at ovirt.org
> >> Sent: Tuesday, July 22, 2014 11:43:43 AM
> >> Subject: Re: [ovirt-users] user permissions
> >>
> >> Hi,
> >>
> >> Sorry let be a bit more clear. I want to have a user that can log into the
> >> user portal and create vm's, stop them, add disks etc. But only as a user.
> >>
> >> I tried the poweruser role and can do all things except creating a new VM.
> >> I
> >> also want the user to only see and manipulate his own VM's and not the
> >> other
> >> ones running on the same system.
> >>
> >> Even with the PowerUser role, I am not able to create a new VM as this
> >> user.
> >> Also when I edit the built-in PowerUser role, I only see the following
> >> rights selected:
> >>
> >> Login Permissions
> >>
> >> Template
> >>
> >> Provisioning Operations
> >> Create
> >>
> >> VM
> >>
> >>
> >> Provisioning Operations
> >> Edit properties
> >> Create
> >>
> >> Disk
> >>
> >> Provisioning Operations
> >> Create
> >>
> >> Everything else is deselected.
> >>
> >> Kind regards,
> >>
> >> Jorick Astrego
> >> Netbulae
> >>
> >> On 07/22/2014 10:35 AM, Oved Ourfali wrote:
> >>
> >>
> >>
> >> Hi
> >>
> >> You didn't really specify what you would like to accomplish, and what
> >> permissions were granted and on what object.
> >> In general, we have two types of roles: User and Admin roles.
> >> If a user has any admin role on any object, then he can login to the admin
> >> portal.
> >> So, as long as you don't assign the user with admin role he will not be
> >> able
> >> to login to the admin portal.
> >>
> >> Giving PowerUser role on a DC will allow the user to create VMs and Disks
> >> through the user portal.
> >> Is that what you would like to accomplish?
> >>
> >> Oved
> >>
> >> ----- Original Message -----
> >>
> >>
> >>
> >> From: "Jorick Astrego" <j.astrego at netbulae.eu> To: users at ovirt.org Sent:
> >> Tuesday, July 22, 2014 11:32:16 AM
> >> Subject: [ovirt-users] user permissions
> >>
> >> Hi,
> >>
> >> In our 3.4.3 environment I started adding external users (it is
> >> connected to a freeipa server) and I'm having some problems setting the
> >> correct permissions.
> >>
> >> When I give all user roles to a user, I cannot create a vm and get an
> >> error "User is not authorized to perform this action". I tried setting
> >> it on the system level, DC level and cluster level.
> >>
> >> I needed to give this user an administrator role with only exactly the
> >> same vm and disk permissions (nothing extra) and things work ok, but he
> >> can now login to the admin portal. So I blocked it with a .htaccess
> >> which is not the prettiest solution.
> >>
> >> Am I doing things wrong?
> >>
> >> Also the user disappeared from the "System permissions" overview but can
> >> still login, which is a bit weird.
> >>
> >> Kind regards,
> >>
> >> Jorick Astrego
> >> Netbulae
> >>
> >> _______________________________________________
> >> Users mailing list Users at ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >>
> >>
> >> _______________________________________________
> >> Users mailing list
> >> Users at ovirt.org
> >> http://lists.ovirt.org/mailman/listinfo/users
> >>
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
More information about the Users
mailing list