Bug 1437578

Summary: Empty value when retrieving members of "Domain Users"
Product: Red Hat Satellite Reporter: Waldirio M Pinheiro <wpinheir>
Component: LDAPAssignee: Daniel Lobato Garcia <dlobatog>
Status: CLOSED ERRATA QA Contact: Sanket Jagtap <sjagtap>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2.7CC: mhulan, sghai, sgraessl, wpinheir
Target Milestone: 6.4.0Keywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-10-16 18:57:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Domain Users error none

Description Waldirio M Pinheiro 2017-03-30 15:10:08 UTC 
Description of problem:
Via foreman-rake when retrieving information from "Domain Users" the value is empty although when retrieving information from one new group just created, the retrieved value is correct.

Version-Release number of selected component (if applicable):
6.2.8

How reproducible:
100%

Steps to Reproduce:
1. Login via foreman-rake console
2. source_now = AuthSourceLdap.find_by_id(3) # on my case, my connection is #3
3. conn = source_now.ldap_con
4. conn.valid_group?('Domain Users')         # result here is true
5. conn.user_list('Domain Users')            # the result here is empty (should see 4 users)

Actual results:
Should be possible see all members of "Domain Users", instead we see empty value.

Expected results:
See all users memberof "Domain Users"

Additional info:
Comment 2 Marek Hulan 2017-04-12 12:05:25 UTC 
Thanks for the report. What type of LDAP is AuthSourceLdap configured to? IPA/AD/OpenLDAP? Also could you try specifying the full group id e.g. "CN=Satellite,CN=Users,DC=domain,DC=example"
Comment 9 Daniel Lobato Garcia 2017-11-10 07:59:34 UTC 
I will add a warning if anyone tries to add a external group called "Domain users". Thanks Waldirio & Marek for the detailed testing & repro instructions.
Comment 10 Daniel Lobato Garcia 2017-11-10 08:01:25 UTC 
Created redmine issue http://projects.theforeman.org/issues/21626 from this bug
Comment 11 Satellite Program 2017-11-13 13:18:31 UTC 
Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/21626 has been resolved.
Comment 13 Sanket Jagtap 2018-09-11 14:58:40 UTC 
Build: Satellite 6.4.0 snap21

Error was shown when tried to add domain users as external group in satellite 

PFA
Comment 14 Sanket Jagtap 2018-09-11 14:59:02 UTC 
Created attachment 1482393 [details]
Domain Users error
Comment 15 Bryan Kearney 2018-10-16 18:57:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2927