Bug 2157871

Summary: LDAP sync not working with bind details
Product: [Red Hat Storage] Red Hat Ceph Storage Reporter: Sayalee <saraut>
Component: Ceph-DashboardAssignee: Nizamudeen <nia>
Status: ASSIGNED --- QA Contact: Sayalee <saraut>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 6.0CC: aasharma, ceph-eng-bugs, cephqe-warriors, pegonzal, sostapov
Target Milestone: ---   
Target Release: 6.1z2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
User_Federation_config none

Description Sayalee 2023-01-03 10:38:05 UTC 
Created attachment 1935450 [details]
User_Federation_config

Description of problem:
=======================
On RHCS 6.0 cluster, after configuring RHSSO and LDAP with Dashboard, the users created via Dashboard are not reflecting the RHSSO "User" list


Version-Release number of selected component (if applicable):
=============================================================
ceph version 17.2.5-46.el9cp (7040c06deed6dad26101eaa4b633edfb6ca0d8b2) quincy (stable)


How reproducible:
=================
Always


Steps to Reproduce:
===================
1. Deploy RHCS 6.0 cluster with Dashboard enabled.
2. Follow steps in RHCS Dashboard Guide[1][2][3] to install and setup SSO and configure LDAP.

[1]https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5/html/dashboard_guide/ceph-dashboard-installation-and-access#creating-an-admin-account-for-syncing-users-to-the-ceph-dashboard_dash
[2]https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5/html/dashboard_guide/ceph-dashboard-installation-and-access#syncing-users-to-the-ceph-dashboard-using-red-hat-single-sign-on_dash
[3]https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/5/html/dashboard_guide/ceph-dashboard-installation-and-access#enabling-single-sign-on-for-the-ceph-dashboard_dash


Actual results:
===============
Users created/added to Ceph Dashboard are not getting synced with LDAP and not reflecting under "Users" on the RHSSO even though LDAP connect was successful.


Expected results:
================
Ldap sync shoulld work with bind details.


Additional info:
================
# ceph -s
  cluster:
    id:     c3c64912-85e6-11ed-8acc-fa163e06c065
    health: HEALTH_OK
 
  services:
    mon: 3 daemons, quorum ceph-saya-bz-06o5e0-node1-installer,ceph-saya-bz-06o5e0-node2,ceph-saya-bz-06o5e0-node3 (age 26h)
    mgr: ceph-saya-bz-06o5e0-node2.fmcxod(active, since 6d), standbys: ceph-saya-bz-06o5e0-node1-installer.jbqypa
    mds: 1/1 daemons up, 1 standby
    osd: 18 osds: 18 up (since 26h), 18 in (since 6d)
    rgw: 2 daemons active (2 hosts, 1 zones)
 
  data:
    volumes: 1/1 healthy
    pools:   8 pools, 209 pgs
    objects: 235 objects, 457 KiB
    usage:   1.8 GiB used, 268 GiB / 270 GiB avail
    pgs:     209 active+clean


Screenshot of the RHSSO LDAP "User Federation" will be attached.
Comment 2 Scott Ostapovicz 2023-07-17 14:17:19 UTC 
Incorrectly targeted at 6.1 z1, retargeted to 6.1 z2.