Created attachment 1507396 [details]
Description of problem:
In Webui showing "IPA Error 3007: RequirmentError" while adding members in "User ID overrides" tab
-Red Hat Enterprise Linux release 8.0 Beta (Ootpa)
Steps to Reproduce:
1. Setup ipa-server
2. Setup AD trust
3. Add Trust Domain, Go to Identity > IPA Server > Trusts > Trusts > Add
4. Create ID override for AD user, Go to Identity > ID View > click "Default Trust View"
5. Click "Add" button on the right-hand side
6. ADD <ADuser@addomain> in "user to override" field
7. Hit "Add"
8. Add AD user to admin group, Go to Identity > Groups > click "admins"
9. Now Click "User ID overrides" tab (next to "External" tab)
10. Then click "Add" button.
"IPA Error 3007: RequirmentError" Error dialog pops up.
Should pop up ADD dialog.
Please refer to the attached screenshot
Related CLI Bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=1651334
Part of FreeIPA 4.8.7:
28389fe Add design page for managing IPA resources as a user from a trusted Active Directory forest
ecc0a96 support using trust-related operations in the server console
973e0c0 idviews: handle unqualified ID override lookups from Web UI
bee4204 Support adding user ID overrides as group and role members
306304b tests: account for ID overrides as members of groups and roles
0ba64b1 Web UI: allow users from trusted Active Directory forest manage IPA
9248d23 ipatests: test that adding Active Directory user to a role makes it an administrator
afe9191 support using trust-related operations in the server console
2ffb4fd idviews: handle unqualified ID override lookups from Web UI
8cce2bb Support adding user ID overrides as group and role members
5e8df37 tests: account for ID overrides as members of groups and roles
99e613e Web UI: allow users from trusted Active Directory forest manage IPA
6b0f8f3 ipatests: test that adding Active Directory user to a role makes it an administrator
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.