Bug 871283 - A user which is not in the IPA users-list is created successfully whereas that should not be allowed (Headpin)
A user which is not in the IPA users-list is created successfully whereas tha...
Status: CLOSED DUPLICATE of bug 854293
Product: Subscription Asset Manager
Classification: Red Hat
Component: katello (Show other bugs)
1.2
x86_64 Linux
medium Severity medium
: rc
: ---
Assigned To: Jordan OMara
Tazim Kolhar
:
Depends On:
Blocks: sam12-tracker
  Show dependency treegraph
 
Reported: 2012-10-30 02:55 EDT by Tazim Kolhar
Modified: 2016-04-25 20:54 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-11-05 15:41:37 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Non-IPA user (51.93 KB, image/png)
2012-10-30 02:55 EDT, Tazim Kolhar
no flags Details

  None (edit)
Description Tazim Kolhar 2012-10-30 02:55:12 EDT
Created attachment 635362 [details]
Non-IPA user

Description of problem:
When one tries to add a new user via UI which is not
the IPA users list it can be added suceesfully but that 
should be not allowed

Version-Release number of selected component (if applicable):

# rpm -qa | grep katello
katello-configure-1.2.0-1.git.265.9575201.el6.noarch
katello-headpin-1.2.1-1.git.215.fcf601d.el6.noarch
katello-common-1.2.1-1.git.215.fcf601d.el6.noarch
katello-cli-1.2.1-1.git.95.b2e3af2.el6.noarch
katello-cli-common-1.2.1-1.git.95.b2e3af2.el6.noarch
katello-glue-candlepin-1.2.1-1.git.215.fcf601d.el6.noarch
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-certs-tools-1.1.9-1.el6.noarch
katello-selinux-1.1.2-1.el6.noarch
katello-headpin-all-1.2.1-1.git.215.fcf601d.el6.noarch



How reproducible:
# yum install -y katello-headpin-all
# katello-configure --deployment=headpin --user-name=admin --user-pass=**** --user-email=tkolhar@redhat.com --ldap-server=skyfire.lab.eng.pnq.redhat.com --auth-method=ldap --ldap-port=389 --ldap-server-type=':free_ipa' --ldap-users-basedn='dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com' --ldap-group-basedn='dc=skyfire,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com' --ldap-roles=true --ldap-anon-queries=false --ldap-service-user=admin --ldap-service-pass=******

Steps to Reproduce:
1.Login to WEB UI admin/****
2.Navigate to Administer -> Users
3.Create +New Users
4.Add a new user which is not in IPA list

  
Actual results:
User successfully created

Expected results:

Creation of user should not be allowed since it is not
in the IPA list

Additional info:
Comment 1 Jordan OMara 2012-11-05 15:41:37 EST
This is because we do not validate users upon creation in LDAP mode; setting as dupe

*** This bug has been marked as a duplicate of bug 854293 ***

Note You need to log in before you can comment on or make changes to this bug.