Description of problem: Was trying to find related document but it was not successful. One of customers is trying to configure LDAP Authentication in multiregion architecture - CloudForms 4.5 - Mutiregion environments with single LDAP service source. - DB replication is enabled to Global region from 3 remote regions as usual. 1. If customer enables ldap login from remote region as well as global region - users/miq-groups table are replicated to global region like other tables. - when customer try to login global ui with ldap authentication, they can't login - In the log, LDAP authentication is successful but UI is just saying incorrect id/passwd not go to next page - Found that same user is already existing in vmdb users table with different id(already replicated from remote-region) 2. Customer enabled ldap login from remote reqion and global region but EXCLUDING users/miq_groups table from replication. - users/miq-groups table are NOT replicated to global region - when customer try to login global ui with ldap authentication, they can login without issue. - However, customer can't see tag filtered info for each user, which applied in regional region. Version-Release number of selected component (if applicable): CFME 5.8 How reproducible: NA Steps to Reproduce: 1. 2. 3. Actual results: Was not able to find related info from general config guide as well as planning guide. Expected results: Looking for information regarding how to setup LDAP authentication in multi-region environment where multiple sub regions are replicating DB to global region. Additional info: Document URL: Section Number and Name: Describe the issue: Suggestions for improvement: Additional information:
This bug has been received by the Red Hat CloudForms documentation team, and the resolution is currently under discussion via email. Further updates shall be provided as more information becomes available.
https://github.com/ManageIQ/manageiq/pull/15516
https://github.com/ManageIQ/manageiq/pull/15517
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/7e82c801c532e4cf5437b74e25671c23b3e00af6 commit 7e82c801c532e4cf5437b74e25671c23b3e00af6 Author: Joe VLcek <jvlcek> AuthorDate: Wed Jul 5 16:36:49 2017 -0400 Commit: Joe VLcek <jvlcek> CommitDate: Wed Jul 5 16:36:49 2017 -0400 Check the current region when creating a new user https://bugzilla.redhat.com/show_bug.cgi?id=1467529 app/models/authenticator/base.rb | 2 +- app/models/authenticator/ldap.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
New commit detected on ManageIQ/manageiq/fine: https://github.com/ManageIQ/manageiq/commit/3ed87b674215e111d1b89c774ee8b721a01566a5 commit 3ed87b674215e111d1b89c774ee8b721a01566a5 Author: Joe VLcek <jvlcek> AuthorDate: Wed Jul 5 16:36:49 2017 -0400 Commit: Joe VLcek <jvlcek> CommitDate: Wed Jul 5 16:49:09 2017 -0400 Check the current region when creating a new user https://bugzilla.redhat.com/show_bug.cgi?id=1467529 app/models/authenticator.rb | 2 +- app/models/authenticator/ldap.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
Verified in 5.9.0.2 MIQLDAP-AD 3 appliances (1 -global, 2 regions)