Bug 2185681

Summary: When using RHDS (Directory Server) the "User Group" feature it's not working as it should be
Product: Red Hat Satellite Reporter: Waldirio M Pinheiro <wpinheir>
Component: AuthenticationAssignee: Waldirio M Pinheiro <wpinheir>
Status: CLOSED DUPLICATE QA Contact: Satellite QE Team <sat-qe-bz-list>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.12.3CC: aruzicka, mhulan
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2024-05-09 14:12:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Waldirio M Pinheiro 2023-04-10 23:29:32 UTC 
Description of problem:
When setting the "Auth Source" pointing to a POSIX server, and enabling the "User Group" feature, it's not working as it should be.

Version-Release number of selected component (if applicable):
6.10 / 6.11 / 6.12

How reproducible:
100%

Steps to Reproduce:
1. Install sat and rhds
2. Create the user and group on rhds
3. Configure satellite in order to login using the credentials
4. Set correctly the user group feature, in order to match to the user group

Actual results:
When login, the user gets permission denied, and after refresh the user group (via webUI or CLI) the user is able to inherit the correct permission. However, in a second login, the user lost all the permissions provided by User Group

Expected results:
First, the match should be working during the login process, once the "usergroup sync" feature is enabled. This is not working.
Second, once we hit the refresh button and sync the information, this should not be lost once the customer logoff/logon.

Additional info:
Comment 5 Bryan Kearney 2023-04-16 20:03:25 UTC 
Upstream bug assigned to wpinheir
Comment 10 Adam Ruzicka 2024-05-09 14:12:58 UTC 
After looking at several BZs in this area, this seems to be a duplicate of BZ2127089. This BZ speaks about using RHDS. The older BZ doesn't mention RHDS explicitly, but it mentions specific schema that seems to cause this. This schema seems to be used by RHDS by default.

*** This bug has been marked as a duplicate of bug 2127089 ***