How to add "manage ACL"?

Hi,
we have a FDC consisting of two zones: A and B. I need to make 2 admin accounts: the first one responsible for the whole federation and the second responsible only for the zone B with full access to it. I tried to create admin user for the zone with the following ACLs:

$ oneacl list
   ID     USER RES_VHNIUTGDCOZSv   RID OPE UMAC  ZONE
   86      #10    ----U--------    @1      umac     *
   87      #10    V-NI-T---O-S-    @1      um--     *

But when I login using this admin account I get the following error:

Req:9760 UID:10 AclInfo result FAILURE [AclInfo] User [10] : Not authorized to perform MANAGE ACL.

How to add “manage ACL”?
Thank you!

Hi,

The MANAGE ACL permission cannot be managed with an ACL rule. This is something that OpenNebula grants internally to users in the oneadmin group exclusively. Besides, your zone B admin should not be able to manage ACLs if you don’t want it to manage the whole federation, because ACL rules apply to all zones.

If your user can’t manage ACL rules you should create a new sunstone view without the acl tab.

Regards