Bug 2174309

Summary: [ansible-freeipa] External group add fails while adding with members.
Product: Red Hat Enterprise Linux 8 Reporter: Varun Mylaraiah <mvarun>
Component: ansible-freeipaAssignee: Thomas Woerner <twoerner>
Status: CLOSED DUPLICATE QA Contact: Varun Mylaraiah <mvarun>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.8CC: dkarpele
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 2174310 (view as bug list) Environment:
Last Closed: 2023-04-20 05:48:14 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2174310    

Description Varun Mylaraiah 2023-03-01 05:51:23 UTC 
Description of problem:
The external group add fails while adding with members in the group module.
However, the group and its members were added. Additionally, I tested it on the CLI but I did not see any error.

Version-Release number of selected component (if applicable):



Steps to Reproduce:
root@master ~]# ipa group-show testexternal
ipa: ERROR: testexternal: group not found

---
- name: Playbook to ensure a external group is present with members
  hosts: ipaserver
  become: true

  tasks:
  # Create group
  - ipagroup:
      ipaadmin_password: <xxxxxxx>
      name: testexternal
      external: yes
  - ipagroup:
      ipaadmin_password:  <xxxxxxx>
      name: testexternal
      action: member
      user: gmm_user01

PLAYBOOK: external_group_with_members.yaml ********************************************************************
1 plays in external_group_with_members.yaml

PLAY [Playbook to ensure a external group is present with members] ********************************************

TASK [Gathering Facts] ****************************************************************************************
task path: /root/external_group_with_members.yaml:2
ok: [master.ipadomain.test]
META: ran handlers

TASK [ipagroup] ***********************************************************************************************
task path: /root/external_group_with_members.yaml:8
changed: [master.ipadomain.test] => {"changed": true}

TASK [ipagroup] ***********************************************************************************************
task path: /root/external_group_with_members.yaml:12
fatal: [master.ipadomain.test]: FAILED! => {"changed": false, "msg": "group_add_member: testexternal: Cannot perform external member validation without Samba 4 support installed. Make sure you have installed server-trust-ad sub-package of IPA on the server"}

PLAY RECAP ****************************************************************************************************
master.ipadomain.test      : ok=2    changed=1    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0



**Group "testexternal" and its members "gmm_user01" were added**
[root@master ~]# ipa group-show testexternal --all
  dn: cn=testexternal,cn=groups,cn=accounts,dc=ipadomain,dc=test
  Group name: testexternal
  Member users: gmm_user01
  ipauniqueid: 3e42bd6a-b328-11ed-bc82-fa163e349009
  objectclass: top, groupofnames, nestedgroup, ipausergroup, ipaobject,
               ipaexternalgroup


Actual results:
FAILED! => {"changed": false, "msg": "group_add_member: testexternal: Cannot perform external member validation without Samba 4 support installed. Make sure you have installed server-trust-ad sub-package of IPA on the server"}

Expected results:
Group should add without error.

Additional info:
CLI console output:

[root@master ~]# ipa group-show testexternal
ipa: ERROR: testexternal: group not found

[root@master ~]# ipa group-add testexternal --external
--------------------------
Added group "testexternal"
--------------------------
  Group name: testexternal

[root@master ~]# ipa group-add-member testexternal --users=gmm_user01
  Group name: testexternal
  Member users: gmm_user01
-------------------------
Number of members added 1
-------------------------

[root@master ~]# ipa group-show testexternal --all
  dn: cn=testexternal,cn=groups,cn=accounts,dc=ipadomain,dc=test
  Group name: testexternal
  Member users: gmm_user01
  ipauniqueid: 26c22e2a-b32b-11ed-8139-fa163e349009
  objectclass: top, groupofnames, nestedgroup, ipausergroup, ipaobject,
               ipaexternalgroup
Comment 1 Varun Mylaraiah 2023-04-20 05:48:14 UTC 

*** This bug has been marked as a duplicate of bug 2183820 ***