Bug 819010 - With ldap enabled instance of SAM / Katello remove user has no value
Summary: With ldap enabled instance of SAM / Katello remove user has no value
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Subscription Asset Manager
Classification: Retired
Component: katello
Version: 1.0.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: ---
Assignee: Bryan Kearney
QA Contact: SAM QE List
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-05-04 15:04 UTC by Eric Sammons
Modified: 2012-08-02 12:50 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2012-05-07 19:29:14 UTC
Embargoed:

Attachments (Terms of Use)

Description Eric Sammons 2012-05-04 15:04:24 UTC 
Description of problem:
When working in a ldap enabled instance of sam or katello the remove user option has no meaningful value as a user removed can easily login again and (re)acquire all unmodified permissions (s)he previously had.

Version-Release number of selected component (if applicable):
katello-headpin-all-0.2.6-1.el6_2.noarch

Steps to Reproduce:
1. Configure ldap instance
2. login with admin
3. navigate to Administrator / Users
4. Select a user
5. Remove User
6. Logout
7. Login as deleted user
  
Actual results:
Login is successful and user is back in business.

Expected results:
With ldap, either allow r/w access to the ldap to admin users (not necessarily a good idea), or flag a user in the database as disabled (v. delete), or remove the remove user capability all together when warden = ldap.

Additional info:
Comment 1 Jordan OMara 2012-05-07 19:10:52 UTC 
See comment in: https://bugzilla.redhat.com/show_bug.cgi?id=819002. Remove user allows you to remove all of the details pre-set about an LDAP user. 

However, please note that when an LDAP user logs back in, if their user is destroyed via remove_user it will be recreated (with default values)
Note You need to log in before you can comment on or make changes to this bug.