Bug 1306092

Summary: [RFE] "maintenance mode" - limit access to LDAP filter or manual user/group list
Product: Red Hat CloudForms Management Engine Reporter: Jeff Warnica <jwarnica>
Component: SecurityAssignee: John Hardy <jhardy>
Status: CLOSED WONTFIX QA Contact: Dave Johnson <dajohnso>
Severity: low Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: jhardy, jprause, jrafanie, kseifried, obarenbo
Target Milestone: GAKeywords: FutureFeature
Target Release: cfme-future   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-28 15:07:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jeff Warnica 2016-02-10 01:11:00 UTC 
It is often desirable to be able to put an installation into some limited maintenance mode, e.g. during testing after a controlled code push, limit access to a small number of users.

Proposal:

Implement an LDAP filter to apply to user attempting to access the appliances, during maintenance windows, e.g. (|(memberOf=cfAdmins)(memberOf=infrastureAdmins))

or

Provide a way within CF to define a simple list of users, and/or groups, who can (whose members can) access, when intelligence mode is enabled.

Note: it would be desirable that the filter, or list, remain configure, e.g. that maintenance is a flag not a derived fact from the filter or list being non-blank.
Comment 4 Chris Pelland 2017-08-28 15:07:03 UTC 
This bug has been open for more than a year and is assigned to an older release of CloudForms. 
If you would like to keep this Bugzilla open and if the issue is still present in the latest version of the product, please file a new Bugzilla which will be added and assigned to the latest release of CloudForms.