Bug 955698

Summary: [RFE] Better integration with the external provisioning systems - hosts
Product: Red Hat Enterprise Linux 6 Reporter: Dmitri Pal <dpal>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: Namita Soman <nsoman>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 6.5CC: ksiddiqu, lnovich, mkosek, spoore
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-3.0.0-31.el6 Doc Type: Enhancement
Doc Text:
Feature: Allow userClass attribute for Identity Management server host entries. Reason: Host entries did not contain a free-form attribute usable for host provisioning systems to tag or set class for a new host which could then be used by other functions of Identity Management like by Automatic Membership Assignment module. Result (if any): Administrators and provisioning systems may now take advantage of host entry userClass attribute.
 Story Points: ---
Clone Of: 955695 Environment:
Last Closed: 2013-11-21 20:53:24 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 955695    
Bug Blocks:    

Description Dmitri Pal 2013-04-23 14:48:09 UTC 
+++ This bug was initially created as a clone of Bug #955695 +++

This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/3583

Allow a provisioning system to define a class/tag/template for the user/host entry it provisions so that IPA can automatically create group membership structure and in future do other automatic operations.

More details can be found on the design page. 
http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems

---

The first step will be to add `userClass` attributeType for hosts. The attribute will be added in a MAY list of current objectClass `ipaHost`.

A follow-up ticket was opened for second phase of this effort: #3588.
Comment 1 Rob Crittenden 2013-04-26 15:10:07 UTC 
Fixed upstream.

master: 5af2e1779ae1a0eca785493c8ed2eb044c8e282a

ipa-3-1: 174a89247ef40e27d454387b625a7d6c7112b9bc
Comment 7 Scott Poore 2013-09-16 20:02:36 UTC 
Verified.

Version ::

ipa-server-3.0.0-35.el6.x86_64

Automated Test Results from Upgrade tests ::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa_upgrade_bz955698 - [RFE] Better integration with the external provisioning systems - hosts
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

------------------------------------
Added host "bz955698-1.testrelm.com"
------------------------------------
  Host name: bz955698-1.testrelm.com
  Principal name: host/bz955698-1.testrelm.com
  Class: bug_test
  Password: False
  Keytab: False
  Managed by: bz955698-1.testrelm.com
:: [   PASS   ] :: Running 'ipa host-add bz955698-1.testrelm.com --force --class='bug_test'' (Expected 0, got 0)
:: [   PASS   ] :: File '/usr/share/ipa/60basev2.ldif' should contain 'ipaHost.*userClass' 
:: [   PASS   ] :: Running 'ipa host-show bz955698-1.testrelm.com --raw > /tmp/errormsg.out 2>&1' (Expected 0, got 0)
  fqdn: bz955698-1.testrelm.com
  krbprincipalname: host/bz955698-1.testrelm.com
  userclass: bug_test
  has_password: False
  has_keytab: False
  managedby: fqdn=bz955698-1.testrelm.com,cn=computers,cn=accounts,dc=testrelm,dc=com
:: [   PASS   ] :: Running 'cat /tmp/errormsg.out' (Expected 0, got 0)
:: [   PASS   ] :: File '/tmp/errormsg.out' should contain 'userclass:.*bug_test' 
:: [   PASS   ] :: BZ 955698 not found 
:: [   PASS   ] :: userClass available 
--------------------------------------
Deleted host "bz955698-1.testrelm.com"
--------------------------------------
:: [   PASS   ] :: Running 'ipa host-del bz955698-1.testrelm.com' (Expected 0, got 0)
Comment 8 Kaleem 2013-09-19 11:08:19 UTC 
Archived beaker job link.

https://beaker.engineering.redhat.com/jobs/499271

Following is the snip from beaker result summary.

   [   PASS   ]      BZ955698 TC1 Check userClass attribute exists in objectClass ipaHost in schema bz955698
   [   PASS   ]      BZ955698 TC2 Add host in single hostgroup using regex set for hostgroup bz955698
   [   PASS   ]      BZ955698 TC3 Add host in multiple hostgroups using regex set for hostgroups bz955698
   [   PASS   ]      BZ955698 TC4 Add host using non-existing regex
   [   PASS   ]      BZ955698 TC5 Find hosts using single value for class parameter
   [   PASS   ]      BZ955698 TC6 Find hosts using multiple values for class parameter
   [   PASS   ]      BZ955698 TC7 ipa host-find with non-existent value for class parameter
   [   PASS   ]      BZ955698 TC8 change hostgroup of host using class parameter to another hostgroup
   [   PASS   ]      BZ955698 TC9 Add host in multiple hostgroups using class parameter from a single hostgroup
   [   PASS   ]      BZ955698 TC10 help text displays this new parameter
   [   PASS   ]      Cleanup

IPA Version:
===========
Installed:
  ipa-server.x86_64 0:3.0.0-36.el6
Comment 10 errata-xmlrpc 2013-11-21 20:53:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1651.html