Bug 860421

Summary: subscription-manager refresh throws LdapFluff::FreeIPA::MemberService::UIDNotFoundException
Product: Red Hat Satellite Reporter: james labocki <jlabocki>
Component: Content ManagementAssignee: Katello Bug Bin <katello-bugs>
Status: CLOSED ERRATA QA Contact: Og Maciel <omaciel>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.0.0CC: asettle, aweiteka, cpelland, dmacpher, inecas, jlaska, mmccune, omaciel
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
When using LDAP-based authentication, System Engine was not verifying LDAP roles for auth-less API calls. This caused subscription-manager to fail when refreshing. This fix corrects the verification and now the roles are correctly verified.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2012-12-04 19:56:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description james labocki 2012-09-25 19:15:18 UTC 
Description of problem:
subscription-manager will allow a system to register, but the subscription-manager refresh command will fail with an error when using LDAP based authentication in System Engine.

[root@dhcp46-183 ~]# subscription-manager refresh
LdapFluff::FreeIPA::MemberService::UIDNotFoundException



Steps to Reproduce:
1. With local authentication, build a system template and export to cloud engine, build, push.

2. Enable LDAP using the instructions here.
http://documentation-devel.engineering.redhat.com/docs/en-US/CloudForms/1.1/html/Installation_Guide/Configuring_LDAP_for_CloudForms_System_Engine.html

3. Launch instances in Cloud Engine and subscribe them.

[root@dhcp46-183 ~]# subscription-manager register --username=myldapuser --password=redhat --org=cbu --environment=Dev
The system has been registered with id: 861a85ab-b232-44ba-a0d4-caa8e2e5c99e 

4. System registers and is seen 

[root@dhcp46-183 ~]# subscription-manager refresh
LdapFluff::FreeIPA::MemberService::UIDNotFoundException
Comment 2 Jordan OMara 2012-09-26 12:55:34 UTC 
Merged https://github.com/Katello/katello/pull/747
Comment 9 Og Maciel 2012-10-24 13:46:21 UTC 
Verified:

* candlepin-0.7.8.1-1.el6cf.noarch
* candlepin-selinux-0.7.8.1-1.el6cf.noarch
* candlepin-tomcat6-0.7.8.1-1.el6cf.noarch
* katello-1.1.12-17.el6cf.noarch
* katello-all-1.1.12-17.el6cf.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.1.8-1.el6cf.noarch
* katello-cli-1.1.8-9.el6cf.noarch
* katello-cli-common-1.1.8-9.el6cf.noarch
* katello-common-1.1.12-17.el6cf.noarch
* katello-configure-1.1.9-8.el6cf.noarch
* katello-glue-candlepin-1.1.12-17.el6cf.noarch
* katello-glue-pulp-1.1.12-17.el6cf.noarch
* katello-qpid-broker-key-pair-1.0-1.noarch
* katello-qpid-client-key-pair-1.0-1.noarch
* katello-selinux-1.1.1-2.el6cf.noarch
* pulp-1.1.14-1.el6cf.noarch
* pulp-common-1.1.14-1.el6cf.noarch
* pulp-selinux-server-1.1.14-1.el6cf.noarch
Comment 12 errata-xmlrpc 2012-12-04 19:56:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-1543.html