Bug 1492835
Summary: | Test connection fails to work while creating ldap auth source | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Kedar Bidarkar <kbidarka> | ||||
Component: | LDAP | Assignee: | Daniel Lobato Garcia <dlobatog> | ||||
Status: | CLOSED ERRATA | QA Contact: | Kedar Bidarkar <kbidarka> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 6.3.0 | CC: | bbuckingham, biholmes, bkearney, kbidarka, mhulan, rplevka, sjagtap, tstrachota | ||||
Target Milestone: | Unspecified | Keywords: | Regression, Triaged | ||||
Target Release: | Unused | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2018-02-21 17:06:40 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1293538 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Kedar Bidarkar
2017-09-18 17:30:59 UTC
We see the below message while we hit the "Test Connection". 2017-09-18 13:07:12 ec526c4c [app] [I] Current user: admin (administrator) 2017-09-18 13:07:12 ec526c4c [app] [W] Failed to connect to LDAP server | Foreman::WrappedException: ERF50-1006 [Foreman::WrappedException]: Unable to connect to LDAP server ([LdapFluff::Config::ConfigError]: unknown configuration keys: use_netgroups) | /usr/share/foreman/app/models/auth_sources/auth_source_ldap.rb:156:in `rescue in test_connection' | /usr/share/foreman/app/models/auth_sources/auth_source_ldap.rb:149:in `test_connection' | /usr/share/foreman/app/controllers/auth_source_ldaps_controller.rb:44:in `test_connection' | /opt/rh/rh-ror42/root/usr/share/gems/gems/actionpack-4.2.6/lib/action_controller/metal/implicit_render.rb:4:in `send_action' | /opt/rh/rh-ror42/root/usr/share/gems/gems/actionpack-4.2.6/lib/abstract_controller/base.rb:198:in `process_action' | /opt/rh/rh-ror42/root/usr/share/gems/gems/actionpack-4.2.6/lib/action_controller/metal/rendering.rb:10:in `process_action' | /opt/rh/rh-ror42/root/usr/share/gems/gems/actionpack-4.2.6/lib/abstract_controller/callbacks.rb:20:in `block in process_action' Also, I see a new option as mentioned below, I wonder if this change was planned for Sat6.3? Use netgroups Use NIS netgroups instead of posix groups. Created attachment 1327563 [details]
Unable to Add LDAP Auth Source
We see the attached traceback, while hitting the "Test Connection" button from the UI.
Kedar, could you please: rpm -qa | grep ldap_fluff I wonder what the version is. It seems like only the foreman side of netgroups support was merged, without the corresponding update in ldap_fluff. *** Bug 1493031 has been marked as a duplicate of this bug. *** In the linked bz it was reported we ship 0.4.6, I added needinfo in 1293538 which introduced the change but didn't pull new version of ldap_fluff (0.4.7 is needed). also, trying to create the auth source using cli/api results in 500 - 'resource has no error' Marek, this just requires the new ldap_fluff or another change as well? ~]# rpm -qav | grep -i ldap_fluff tfm-rubygem-ldap_fluff-0.4.6-1.el7sat.noarch From the setup of Sat6.3.0-snap16 Yes, it seems just updating ldap_fluff to 0.4.7 is enough. I think this can be closed since it will be addressed by BZ 1293538 but if you want to keep this open for later verification that's fine too. Re-linking the issue that was removed in comment 7 by accident. Yeah , I think we should track this bug independently of the above bug mentioned. Just to ensure, the "Basic LDAP authentication" functionality is working fine. The above bug, would track mostly the RFE related to "Netgroup LDAP authentication". Tested this for both IPA and AD LDAP auth source. Test Connection works for both IPA and AD LDAP Auth Source successfully. NOTE: Though "Test Connection" works for both AD and IPA LDAP auth source, we are currently unable to add AD LDAP auth source in this snap. VERIFIED with Sat6.3.0-snap17.0 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2018:0336 |