Hide Forgot
Description of problem: LDAP users in nested OUs unable to log in to SSUI without supplying full DN. Same user can successfully log in to CF admin portal. Version-Release number of selected component (if applicable): CFME 5.6.1 How reproducible: Steps to Reproduce: 1. Set LDAP authentication config, for example :basedn: OU=Persons,0=domain :user_type: samaccountname 2. Log in to SSUI with userid 3. Login fails, producing this error in evm (note successful and failed messages): WARN -- : MIQ(Authenticator::Ldap#authorize) Authentication failed for userid userid, unable to find user object in LDAP WARN -- : <AuditFailure> MIQ(Authenticator.block in authorize) userid: [userid] - Authentication failed for userid userid, unable to find user object in LDAP INFO -- : <AuditSuccess> MIQ(Authenticator.authenticate) userid: [userid] - Authentication successful for user userid ERROR -- : <API> MIQ(ApiController.api_error) MiqException::MiqEVMLoginError: Authentication failed 4. Log in to SSUI with user full DN, for example: CN=userid,OU=E,OU=D,OU=External,OU=Persons,O=domain 5. Login successful, with this in evm log: INFO -- : MIQ(Authenticator::Ldap#authorize) Authorized User: [userid] [----] I, [2016-09-29T18:29:50.309468 #3772:187c098] INFO -- : MIQ(MiqTask#update_status) Task: [1000000012152] [Finished] [Ok] [User authorized successfully] [----] I, [2016-09-29T18:29:50.325692 #3772:187c098] INFO -- : <AuditSuccess> MIQ(Authenticator.authenticate) userid: [CN=userid,OU=E,OU=D,OU=External,OU=Persons,O=domain] - Authentication successful for user CN=userid,OU=E,OU=D,OU=External,OU=Persons,O=domain Actual results: Unable to log in with userid Expected results: Successful log in with userid Additional info: Same user can successfully log in to CF admin portal.
Closing this BZ since 5.6 is in "Maintenance Support" phase. Please check on latest released version and create another BZ if needed.