Bug 2229712
Summary: | Delete operation protection for admin user | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 9 | Reporter: | Florence Blanc-Renaud <frenaud> |
Component: | ipa | Assignee: | Florence Blanc-Renaud <frenaud> |
Status: | CLOSED ERRATA | QA Contact: | Ganna Kaihorodova <gkaihoro> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 9.3 | CC: | abokovoy, amore, dconsoli, fhanzelk, gkaihoro, ipa-qe, mvarun, pasik, rcritten, sumenon, tscherf |
Target Milestone: | rc | Keywords: | Bugfix, Triaged |
Target Release: | --- | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Fixed In Version: | ipa-4.10.2-3.el9 | Doc Type: | Bug Fix |
Doc Text: |
.Deleting the IdM `admin` user is now no longer permitted
Previously, nothing prevented you from deleting the Identity
Management (IdM) `admin` user if you were a member of the `admins` group. The absence of the `admin` user causes the trust between IdM and Active Directory (AD) to stop functioning correctly. With this update, you can no longer delete the `admin` user. As a result, the IdM-AD trust works correctly.
|
Story Points: | --- |
Clone Of: | 1821181 | Environment: | |
Last Closed: | 2023-11-07 08:34:14 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1821181 | ||
Bug Blocks: |
Comment 1
Florence Blanc-Renaud
2023-08-07 12:30:56 UTC
Additional fix for the webui test: master: https://pagure.io/freeipa/c/e49ec1048db85f514e2db5960f773e5d56fa0cec Additional fix for the webui test: ipa-4-10: https://pagure.io/freeipa/c/13d5e88eb4ebb7a0132cbb050a9d230304ecbcff ipa-4-9: https://pagure.io/freeipa/c/7d62d84bdd3c2acd2f4bf70bb5fabf14c72e8ee7 Pre-verified using automation from webui/test_user.py with ipa-server-4.10.2-3.el9.x86_64 Error message thrown: 'user admin cannot be deleted/modified: privileged user'. (see the attached screenshot) Therefore marking as pre-verified - tested. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (ipa bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:6477 |