Show Table of Contents
B.5. Vaults
B.5.1. Users Cannot Access Their Vault Due To Insufficient 'add' Privilege
A user is unable to access his or her own user vault or add new user vaults. The following error message appears:
ipa: ERROR: Insufficient access: Insufficient 'add' privilege to add the entry 'cn=testvault,cn=user,cn=users,cn=vaults,cn=kra,dc=example,dc=com'.
What this means:
The user's vault container is owned by another user. Typically, this situation occurs after another user, such as
admin, creates the first user vault for the first user. The first user then cannot access any vaults in his or her own vault container.
To fix the problem:
Add the intended user as the owner of the vault container:
- Log in as
admin.$
kinit admin - Add user as the container owner:
$
ipa vaultcontainer-add-owner --user=user --users=userOwner users: admin, user Vault user: user ------------------------ Number of owners added 1 ------------------------Bothadminand user now have access to the user's vault container because they are both the owners of the container. - Optional. Verify that the user can now create a new user vault:
$
kinit user$ipa vault-add testvault2------------------------ Added vault "testvault2" ------------------------
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.