Bug 1496979

Summary: Check for UPN userid when "Get User Groups from External Authentication (httpd)" is not checkd
Product: Red Hat CloudForms Management Engine Reporter: Joe Vlcek <jvlcek>
Component: ApplianceAssignee: Joe Vlcek <jvlcek>
Status: CLOSED ERRATA QA Contact: Matt Pusateri <mpusater>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 5.8.0CC: abellott, jhardy, mpusater, obarenbo, simaishi
Target Milestone: GA   
Target Release: 5.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: auth:externalauth:ad
Fixed In Version: 5.9.0.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-03-01 13:18:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Joe Vlcek 2017-09-28 20:53:25 UTC 
Description of problem:

When doing external authenticaiton if "Get User Groups from External Authentication (httpd)" is not checked user records with a userid in UPN format are not matched.

There are situations when the userid could be in UPN format and need to be matched.
Comment 2 CFME Bot 2017-09-28 22:21:48 UTC 
https://github.com/ManageIQ/manageiq/pull/16069
Comment 3 CFME Bot 2017-10-04 18:01:28 UTC 
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/2ba8f0c7617e8446ab87b7d9514772845b1824db

commit 2ba8f0c7617e8446ab87b7d9514772845b1824db
Author:     Joe VLcek <jvlcek>
AuthorDate: Thu Sep 28 18:03:13 2017 -0400
Commit:     Joe VLcek <jvlcek>
CommitDate: Fri Sep 29 10:46:50 2017 -0400

    Always check for userid as UPN
    
    Always check for userid in UPN format, even when "Get User Groups
    from External Authentication (httpd)" is not checked
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1496979

 app/models/authenticator/base.rb        |  4 +--
 app/models/authenticator/httpd.rb       |  9 ++++++
 spec/models/authenticator/httpd_spec.rb | 51 ++++++++++++++++++++++++---------
 3 files changed, 48 insertions(+), 16 deletions(-)
Comment 4 CFME Bot 2017-10-04 19:47:09 UTC 
https://github.com/ManageIQ/manageiq/pull/16079
Comment 5 Joe Vlcek 2017-10-09 13:34:11 UTC 
*** Bug 1496978 has been marked as a duplicate of this bug. ***
Comment 6 Matt Pusateri 2017-10-25 16:01:28 UTC 
Verified 5.9.0.2 - External auth - AD
Comment 9 errata-xmlrpc 2018-03-01 13:18:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0380