Bug 962883

Summary: Free IPA auth configuration does not give me option to add LDAP Group to a role
Product: Red Hat Satellite Reporter: Og Maciel <omaciel>
Component: Content ManagementAssignee: Marek Hulan <mhulan>
Status: CLOSED NOTABUG QA Contact: Og Maciel <omaciel>
Severity: high Docs Contact:
Priority: unspecified    
Version: NightlyCC: jsherril, sthirugn
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-06-19 15:29:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Og Maciel 2013-05-14 17:08:50 UTC 
Description of problem:

Configuring my katello to use Free IPA for authentication did not expose the option to add LDAP Group to a role. When you use ActiveDirectory auth however, that option is available via the web ui. We need to expose this option for IPA auth as well.

Version-Release number of selected component (if applicable):

* apr-util-ldap-1.3.9-3.el6_0.1.x86_64
* candlepin-0.8.7-1.el6.noarch
* candlepin-selinux-0.8.7-1.el6.noarch
* candlepin-tomcat6-0.8.7-1.el6.noarch
* elasticsearch-0.19.9-7.el6.noarch
* katello-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-all-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.4.2-1.el6.noarch
* katello-cli-1.4.2-1.git.48.441089b.el6.noarch
* katello-cli-common-1.4.2-1.git.48.441089b.el6.noarch
* katello-common-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-configure-1.4.3-1.git.12.bc3684c.el6.noarch
* katello-glue-candlepin-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-glue-elasticsearch-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-glue-pulp-1.4.2-1.git.333.d2a35bc.el6.noarch
* Katello-Katello-Installation-ConfigureRepos-1.7-3.noarch
* Katello-Katello-Installation-RegisterRHNClassic-1.1-3.noarch
* Katello-Katello-Sanity-ImportKeys-1.2-1.noarch
* katello-qpid-broker-key-pair-1.0-1.noarch
* katello-qpid-client-key-pair-1.0-1.noarch
* katello-repos-1.4.2-1.el6.noarch
* katello-selinux-1.4.3-1.git.3.ce8227b.el6.noarch
* openldap-2.4.23-26.el6.x86_64
* pulp-rpm-plugins-2.1.1-0.10.beta.el6.noarch
* pulp-selinux-2.1.1-0.10.beta.el6.noarch
* pulp-server-2.1.1-0.10.beta.el6.noarch
* python-ldap-2.3.10-1.el6.x86_64
* ruby193-rubygem-ldap_fluff-0.1.3-4.el6.noarch
* ruby193-rubygem-net-ldap-0.2.2-6.el6.noarch

How reproducible:


Steps to Reproduce:
1. Configure katello to use IPA auth
2. Login as the admin user and select a role
3.
  
Actual results:

There is no option to add a LDAP Group

Expected results:


Additional info:
Comment 1 Marek Hulan 2013-06-06 07:37:17 UTC 
Waiting on reproducing information.
Comment 4 Marek Hulan 2013-06-07 06:51:57 UTC 
Note you must enable ldap roles during katello-configure in order to see them. This will enable ldap_roles: in /etc/katello/katello.yml which is false in your case. Rerunning katello-configure --ldap-roles=true should solve it on affected machine. Also a restart of katello may be needed. Please let me know whether this helps.
Comment 5 Og Maciel 2013-06-19 15:29:40 UTC 
Our automation was not passing --ldap-roles=true to katello-configure. Sorry for the noise.