[ovirt-users] oVirt 3.5.1 user permissions

Itamar Heim iheim at redhat.com
Sun Feb 1 12:59:26 UTC 2015 

On 01/29/2015 05:20 PM, Donny Davis wrote:
> You are assigning permissions at too high of a level.
>
> Set the following permissions for users to be able to only see what they create
>
> Add a new set of permissions in the config menu
>
>
> Login to system
> Create instance
> Attach to storage domains

giving PowerUserRole at DC level is fastest/simplest way.
if you need lower granularity then that, you need to give the 
PowerUserRole for specific clusters / storage domains / (networks?)

(at the more granular level you can use 
DiskCreator/VmCreator(/VnicProfileUser?), but just using PowerUserRole 
is simplest.

>
> Then assign that permission at the datacenter level, or even better the cluster level
>
> And add permissions as needed
>
> I will get you some screen shots when I get home
>
>
>
> On Jan 29, 2015 7:13 AM, Yaniv Dary <ydary at redhat.com> wrote:
>>
>> WebAdmin is for admin and has permissions to see anything in the system.
>> For power users please use the power user portal.
>>
>> On 01/29/2015 10:35 AM, Nikolai Bochev wrote:
>>> Hello,
>>>
>>> I've been running ovirt hosted engine for around a month already
>>> without any major interruptions. Last week i tied it to freeipa, to be
>>> able to give permissions to other people, but so far no success
>>> because of the following problem :
>>>
>>> All users can see all VM's. I tried clearing all permission entries (
>>> leaving the admin only ) and the re-adding and it didn't help at all.
>>>
>>> I am attaching a few screenshots to better describe :
>>>
>>>
>>>
>>>
>>>
>>>>>> Most of the vm's have no permissions attached to them, but they are
>>> still visible to everyone that logs from the userpanel
>>> What am i doing wrong ?
>>>
>>> Regards,
>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>
>> --
>> Yaniv Dary
>> Red Hat Israel Ltd.
>> 34 Jerusalem Road
>> Building A, 4th floor
>> Ra'anana, Israel 4350109
>>
>> Tel : +972 (9) 7692306
>> 8272306
>> Email: ydary at redhat.com
>> IRC : ydary
>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>

More information about the Users mailing list