Bug 1500068

Summary: polkit doesn't seem to honor groups from Active Directory
Product: Red Hat Enterprise Linux 7 Reporter: Jacob Hunt <jhunt>
Component: polkitAssignee: Miloslav Trmač <mitr>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.4CC: cww, jhunt, mitr, pkis
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-02-28 19:30:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jacob Hunt 2017-10-09 19:35:54 UTC 
Description of problem:

Configure polkit to run the 'Application Installer' with permissions from a group based in Active Directory.  Doing so still, prompts for the root password to run the program.

Version-Release number of selected component (if applicable)

polkit-0.112-12.el7_3.x86_64
polkit-pkla-compat-0.1-4.el7.x86_64

How reproducible:

100%

Steps to Reproduce:
1. Create a pkla file to allow actions from a group based in Active Directory

Actual results:

The GUI still prompts for the root password. 

Expected results:

For the configured group to be allowed to run the programs without prompting for root's password.

Additional info: