Bug 1054391

Summary: RHEL7 ipa group-show lists SID instead of name for external groups
Product: Red Hat Enterprise Linux 7 Reporter: Scott Poore <spoore>
Component: ipaAssignee: Martin Kosek <mkosek>
Status: CLOSED CURRENTRELEASE QA Contact: Namita Soman <nsoman>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 7.0CC: abokovoy, rcritten
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-3.3.3-13.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 09:19:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Scott Poore 2014-01-16 18:06:16 UTC 
Description of problem:

Currently, ipa group-show lists External member as SID instead of by name:

[root@rhel7-1 ~]# ipa group-show adgroup1_ext
  Group name: adgroup1_ext
  Description: 0
  Member of groups: adgroup1
  External member: S-1-5-21-1515602834-2930230041-3336973146-1125

Can this be changed to list names instead?

Version-Release number of selected component (if applicable):
ipa-server-3.3.3-12.el7.x86_64

How reproducible:
always

Steps to Reproduce:
1.  Setup IPA Server with Trust to AD
2.  ipa group-add --desc=0 adgroup1_ext --external
3.  ipa group-add-member adgroup1_ext --external='AD2\aduser1' --users='' --groups=''
4.  ipa group-show adgroup1_ext

Actual results:
External member shown as SID

Expected results:
External member shown as name

Additional info:
Comment 2 Dmitri Pal 2014-01-16 21:15:06 UTC 
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/4123
Comment 3 Martin Kosek 2014-01-20 08:55:35 UTC 
Fixed upstream:

master:
3264b0eaafaceaddeb7226edc35ea4ae7f7b3e30 Remove SID resolve call from Web UI
fcd9a66b16cc76ed03ca6b688b4478b7858a0af8 group-show: resolve external members of the groups

ipa-3-3:
1f6322f1099babe4d25c7a9e6e6a43ce4eab766c Remove SID resolve call from Web UI
da5545d781b49f0991abfa3535ee0094eddbe337 group-show: resolve external members of the groups
Comment 5 Scott Poore 2014-01-22 17:38:16 UTC 
Verified.

Version ::
ipa-server-3.3.3-13.el7.x86_64


Test Results ::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa_trust_func_bug_1054391:  RHEL7 ipa group-show lists SID instead of name for external groups
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Password for admin.TEST: 
:: [   PASS   ] :: Running 'echo Secret123|kinit' (Expected 0, got 0)
---------------------------
Added group "bz1054391_ext"
---------------------------
  Group name: bz1054391_ext
  Description: 0
:: [   PASS   ] :: Running 'ipa group-add --desc=0 bz1054391_ext --external' (Expected 0, got 0)
  Group name: bz1054391_ext
  Description: 0
  External member: S-1-5-21-1515602834-2930230041-3336973146-1125
-------------------------
Number of members added 1
-------------------------
:: [   PASS   ] :: Running 'ipa group-add-member bz1054391_ext --external='AD2\aduser1'             --users='' --groups=''' (Expected 0, got 0)
  Group name: bz1054391_ext
  Description: 0
  External member: aduser1.test
:: [   PASS   ] :: Running 'ipa group-show bz1054391_ext 2>&1 | tee /tmp/tmpout.ipa_trust_func_bug_1054391' (Expected 0, got 0)
  Group name: bz1054391_ext
  Description: 0
  External member: aduser1.test
:: [   PASS   ] :: Running 'cat /tmp/tmpout.ipa_trust_func_bug_1054391' (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/tmpout.ipa_trust_func_bug_1054391' should contain 'aduser1@' 
:: [   PASS   ] :: BZ 1054391 not found
Comment 6 Ludek Smid 2014-06-13 09:19:19 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.