Bug 1236216 - hammer auth-source does not allow all the settings
Summary: hammer auth-source does not allow all the settings
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Hammer
Version: 6.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
high vote
Target Milestone: Unspecified
Assignee: Martin Bacovsky
QA Contact: Kedar Bidarkar
URL: http://projects.theforeman.org/issues...
Whiteboard:
: 1242527 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-06-26 21:10 UTC by Andrew Schofield
Modified: 2019-08-15 04:47 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-09-15 07:22:13 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2015:1786 normal SHIPPED_LIVE Satellite 6.1.2 bug fix update 2015-09-15 11:20:04 UTC
Red Hat Knowledge Base (Solution) 1607873 None None None Never

Description Andrew Schofield 2015-06-26 21:10:09 UTC
Description of problem:

Using hammer auth-source to add an LDAP Authentication source does not allow a number of paramters to be set:

- 'Server Type' cannot be set and defaults to POSIX (I have to manually change this to 'Active Directory')
- 'Groups base DN' cannot be set
- 'LDAP filter' cannot be set.


# hammer auth-source ldap create --help
Usage:
    hammer auth-source ldap create [OPTIONS]

Options:
 --account ACCOUNT
 --account-password ACCOUNT_PASSWORD   required if onthefly_register is true
 --attr-firstname ATTR_FIRSTNAME       required if onthefly_register is true
 --attr-lastname ATTR_LASTNAME         required if onthefly_register is true
 --attr-login ATTR_LOGIN               required if onthefly_register is true
 --attr-mail ATTR_MAIL                 required if onthefly_register is true
 --attr-photo ATTR_PHOTO
 --base-dn BASE_DN
 --host HOST
 --name NAME
 --onthefly-register ONTHEFLY_REGISTER One of true/false, yes/no, 1/0.
 --port PORT                           defaults to 389
 --tls TLS                             One of true/false, yes/no, 1/0.
 -h, --help                            print help


Version-Release number of selected component (if applicable):
6.1 public beta.

How reproducible:
Always.

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 RHEL Product and Program Management 2015-06-26 21:12:27 UTC
Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.

Comment 3 Martin Bacovsky 2015-07-07 11:49:28 UTC
Created redmine issue http://projects.theforeman.org/issues/11033 from this bug

Comment 4 Martin Bacovsky 2015-07-07 14:54:40 UTC
https://github.com/theforeman/hammer-cli/pull/173 is related and allows Hammer CLI to print the available values in hammer auth-source ldap create --help

Comment 5 Bryan Kearney 2015-07-08 12:04:45 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/11033 has been closed
-------------
Martin Bacovsky
Applied in changeset commit:66f3267354ee2a7391ef8feba27d1cb050d9b5df.

Comment 8 Bryan Kearney 2015-07-20 10:50:27 UTC
*** Bug 1242527 has been marked as a duplicate of this bug. ***

Comment 9 Kedar Bidarkar 2015-07-23 10:19:23 UTC
 ~]# hammer auth-source ldap create --help
Usage:
    hammer auth-source ldap create [OPTIONS]

Options:
 --account ACCOUNT                      
 --account-password ACCOUNT_PASSWORD   required if onthefly_register is true
 --attr-firstname ATTR_FIRSTNAME       required if onthefly_register is true
 --attr-lastname ATTR_LASTNAME         required if onthefly_register is true
 --attr-login ATTR_LOGIN               required if onthefly_register is true
 --attr-mail ATTR_MAIL                 required if onthefly_register is true
 --attr-photo ATTR_PHOTO                
 --base-dn BASE_DN                      
 --groups-base GROUPS_BASE             groups base DN
 --host HOST                            
 --ldap-filter LDAP_FILTER             LDAP filter
 --name NAME                            
 --onthefly-register ONTHEFLY_REGISTER One of true/false, yes/no, 1/0.
 --port PORT                           defaults to 389
 --server-type SERVER_TYPE             type of the LDAP server
 --tls TLS                             One of true/false, yes/no, 1/0.
 -h, --help                            print help


We now do have the options, but "server type" accepts only particular values like below, which unless specified by the CLI is not known to the user.

a) active_directory
b) free_ipa
c) posix

Providing these values for CLI is must, otherwise it would be annoying for the users.

Comment 10 Martin Bacovsky 2015-07-23 13:13:17 UTC
As mentioned in Comment #4 there is related update in hammer-cli:
https://github.com/mbacovsky/hammer-cli/commit/6bb7e02615666ddd87bfa311118535e279e32571
which allows hammer to print the available types.

$ hammer auth-source ldap create -h
Usage:
    hammer auth-source ldap create [OPTIONS]

Options:
 --account ACCOUNT                      
 --account-password ACCOUNT_PASSWORD   required if onthefly_register is true
 --attr-firstname ATTR_FIRSTNAME       required if onthefly_register is true
 --attr-lastname ATTR_LASTNAME         required if onthefly_register is true
 --attr-login ATTR_LOGIN               required if onthefly_register is true
 --attr-mail ATTR_MAIL                 required if onthefly_register is true
 --attr-photo ATTR_PHOTO                
 --base-dn BASE_DN                      
 --groups-base GROUPS_BASE             groups base DN
 --host HOST                            
 --ldap-filter LDAP_FILTER             LDAP filter
 --name NAME                            
 --onthefly-register ONTHEFLY_REGISTER One of true/false, yes/no, 1/0.
 --port PORT                           defaults to 389
 --server-type SERVER_TYPE             type of the LDAP server
                                       Possible value(s): 'free_ipa', 'active_directory', 'posix'
 --tls TLS                             One of true/false, yes/no, 1/0.
 --usergroup-sync USERGROUP_SYNC       sync external user groups on login
                                       One of true/false, yes/no, 1/0.
 -h, --help                            print help

Comment 12 Kedar Bidarkar 2015-09-01 14:12:14 UTC
We now do see the possible values for "server_type", as shown below.

~]# hammer -u admin -p changeme auth-source ldap create --help
Usage:
    hammer auth-source ldap create [OPTIONS]

Options:
 --account ACCOUNT                      
 --account-password ACCOUNT_PASSWORD   required if onthefly_register is true
 --attr-firstname ATTR_FIRSTNAME       required if onthefly_register is true
 --attr-lastname ATTR_LASTNAME         required if onthefly_register is true
 --attr-login ATTR_LOGIN               required if onthefly_register is true
 --attr-mail ATTR_MAIL                 required if onthefly_register is true
 --attr-photo ATTR_PHOTO                
 --base-dn BASE_DN                      
 --groups-base GROUPS_BASE             groups base DN
 --host HOST                            
 --ldap-filter LDAP_FILTER             LDAP filter
 --name NAME                            
 --onthefly-register ONTHEFLY_REGISTER One of true/false, yes/no, 1/0.
 --port PORT                           defaults to 389
 --server-type SERVER_TYPE             type of the LDAP server
                                       Possible value(s): 'free_ipa', 'active_directory', 'posix'
 --tls TLS                             One of true/false, yes/no, 1/0.


VERIFIED With sat6.1.2 20150826.0

Comment 14 errata-xmlrpc 2015-09-15 07:22:13 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2015:1786


Note You need to log in before you can comment on or make changes to this bug.