DomainAdmin: Problem if DomainAdmin is not linked to his own domain

tpokorra / KolabScripts

some scripts useful for Kolab3 and higher, written by TBits.net, including patches already submitted to Kolab Bugzilla

14 stars 13 forks source link

DomainAdmin: Problem if DomainAdmin is not linked to his own domain #67

Open tpokorra opened 8 years ago

tpokorra commented 8 years ago

situation: domainadmin@domain1.de, manages domain2.de

If domainadmin is not linked as domainadmin to domain1.de, he will not be allowed to add users to domain2.de. It seems, when you login, the permission/effective_rights will be derived from the login domain.

tpokorra commented 8 years ago

immediate solution is to link the domainadmin to the domain he was created in

tpokorra commented 8 years ago

when testing, and linking the domainadmin to his own domain, beware the cache for the effective rights: /usr/share/kolab-webadmin/lib/Auth/LDAP.php, function effective_rights($subject), memcache and internal cache