Red Hat Satellite 6.3 adds the ability to assign a location or organization to LDAP users so that this assignment is available on initial login. The Server Administration Guide must be updated to include the relevant steps.
From the release notes for Foreman 1.14 - Organization/location assignment for LDAP users Users created from an LDAP authentication source can now be assigned organizations and locations on their first login. First assign the organizations/locations to the LDAP authentication source via Administer > LDAP authentication and then on their subsequent first login, the user will be created and assigned the same orgs/locations. This ensures they have access to resources by default.
Upstream tracker - http://projects.theforeman.org/issues/6372
Assigning to Misha for review.
https://github.com/theforeman/theforeman.org/commit/4d7cc29c00b90c9ed8ce3cf9cf4389bd19a5554a contains the changes to the manual upstream In the UI, this is noticeable as creating a new Auth Source LDAP (under Administer > Auth Source LDAP), will show two tabs "Locations" and "organizations". These tabs contain the locations/organizations to be applied to newly created users that login using that LDAP connection. It primarily fixes the problem that in 6.2, people could login and have an account automatically created by LDAP, the account would have the proper roles, but an administrator had to add this new user to organizations/locations manually. Now it's automatic
Michaela, Yes, this feature was cherry-picked to 6.2.
Hello, These changes are now live on the customer portal. https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/server_administration_guide/chap-red_hat_satellite-server_administration_guide-configuring_external_authentication#sect-Red_Hat_Satellite-Server_Administration_Guide-Using_Configuring_Red_Hat_Satellite_to_Use_LDAP
Updating the target milestone to reflect the time frame in which this work was completed.
*** Bug 1348677 has been marked as a duplicate of this bug. ***