Description of problem: Today, the last commit for the external authentication support (http://projects.theforeman.org/issues/5031) was merged to Foreman develop. Since it won't be in Foreman 1.5.0, we'd need it cherry picked for Satellite 6.0. The commit is 1e8a50848d3636241f12ae584183ba19934cd120 since I believe all previous commits for the feature are in Foreman 1.5 (that seems to have been branched at 936bab04d3b1d3136c28b77129cc052bcd04260c. Version-Release number of selected component (if applicable): Satellite 6. How reproducible: Deterministic. Steps to Reproduce: 1. Attempt to use the product with external authentication against Identity Management / FreeIPA. 2. Have LookupUserGroupsIter REMOTE_USER_GROUP enabled and external group mapping defined, verify that groups are populated. 3. Change group memberships or one of the name/email attributes of existing Foreman user in IdM. 4. Log in as that user to Foreman. Actual results: Without the commit merged, attributes / group membership will not be up-to-date. Expected results: With the change in, attributes / group membership will be up-to-date. Additional info:
This is related to bug 1084136. Not sure if they should block each other and in what direction, so just mentioning it here.
Connecting redmine issue http://projects.theforeman.org/issues/5031 from this bug
Actually, commits d595397218a86e2e3628b82aa409ddb56def100e and fdc476db9c045ffd6148473e676f77eebae4207e are also needed.
qa -> asaleh
Set up the product with external authentication against Identity Management / FreeIPA, created usergroup and user in IPA, and usergroup with linked external usergroup in Sat 6. I assigned user to usergroup in ipa. On first successfull login, user has been registered to the relevant Sat 6 usergroup based on the link with external IPA usergroup. I removed usergroup from user. On the second login, the usergroup has been removed.
This was delivered with 6.0.3, which is the Satellite 6 Beta.