Description of problem: running "ipa netgroup-add-member --hosts=<valid host> <valid netgroup>" produces a "Insufficient access" error. Version-Release number of selected component (if applicable): ipa-admintools-1.91-0.2010100621git127ff31.fc13.x86_64 How reproducible: always Steps to Reproduce: 1.ipa netgroup-add-member --hosts=<valid host> <valid netgroup> Actual results: [root@ipaqa64vmb ~]# ipa netgroup-add-member --hosts=ipaqa64vmb.idm.lab.bos.redhat.com n1 ipa: ERROR: Insufficient access: Insufficient 'write' privilege to the 'externalHost' attribute of entry 'ipauniqueid=2e373180-d1a4-11df-a300-021016980183,cn=ng,cn=alt,dc=testrelm'.
https://fedorahosted.org/freeipa/ticket/336
Michael, can you test again with today's build? There was a typo in an aci (adminss instead of admins) that is probably the culprit. The fix was checked in last night.
Success: [root@ipaqa64vmb install]# ipa netgroup-add-member --hosts=ipaqa64vmb.idm.lab.bos.redhat.com group1 Netgroup name: group1 Description: group1 NIS domain name: testdomain Member Host: ipaqa64vmb.idm.lab.bos.redhat.com ------------------------- Number of members added 1 ------------------------- This seems to work in todays build. Thank you!