Closed tiran closed 8 years ago
i remembered that i forgot to change this last night as i was trying to fall asleep.
i'd been testing on older, more stable versions of IPA that didn't have stageuser yet.
Do you happen to know when stageuser was introduced? AFAIK it landed in 4.2.0 but I'm not sure.
http://www.freeipa.org/page/Releases/4.2.0
According to this, definitely landed on 4.2.0. I should have also updated the documentation to reflect the version requirements. If I do any more changes, I'll do them as PRs instead of just pushing to avoid making any more mistakes.
ACIError: Insufficient access: Insufficient 'add' privilege to add the entry 'uid=cheimes,cn=staged users,cn=accounts,cn=provisioning,dc=kdcproxy,dc=demo'.
I guess stageuser_add requires a different permission? :)
ipa privilege-add-permission 'Portal management privilege' --permission='System: Add Stage User'
According to http://www.freeipa.org/page/V4/Community_Portal#Self-Service_Registration the community portal should create stage user instead of a normal user. However the user model uses
api.Command.user_add
instead ofapi.Command.stageuser_add
thus creates a standard user.