871283 – A user which is not in the IPA users-list is created successfully whereas that should not be allowed (Headpin)

Bug 871283 - A user which is not in the IPA users-list is created successfully whereas that should not be allowed (Headpin)

Summary: A user which is not in the IPA users-list is created successfully whereas tha...

Keywords:
Status:	CLOSED DUPLICATE of bug 854293
Alias:	None
Product:	Subscription Asset Manager
Classification:	Retired
Component:	katello
Sub Component:
Version:	1.2
Hardware:	x86_64
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Jordan OMara
QA Contact:	Tazim Kolhar
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	sam12-tracker
TreeView+	depends on / blocked

Reported:	2012-10-30 06:55 UTC by Tazim Kolhar
Modified:	2016-04-26 00:54 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-11-05 20:41:37 UTC
Embargoed:

Attachments	(Terms of Use)
Non-IPA user (51.93 KB, image/png) 2012-10-30 06:55 UTC, Tazim Kolhar	no flags	Details
View All

Description Tazim Kolhar 2012-10-30 06:55:12 UTC

Created attachment 635362 [details]
Non-IPA user

Description of problem:
When one tries to add a new user via UI which is not
the IPA users list it can be added suceesfully but that 
should be not allowed

Version-Release number of selected component (if applicable):

# rpm -qa | grep katello
katello-configure-1.2.0-1.git.265.9575201.el6.noarch
katello-headpin-1.2.1-1.git.215.fcf601d.el6.noarch
katello-common-1.2.1-1.git.215.fcf601d.el6.noarch
katello-cli-1.2.1-1.git.95.b2e3af2.el6.noarch
katello-cli-common-1.2.1-1.git.95.b2e3af2.el6.noarch
katello-glue-candlepin-1.2.1-1.git.215.fcf601d.el6.noarch
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-certs-tools-1.1.9-1.el6.noarch
katello-selinux-1.1.2-1.el6.noarch
katello-headpin-all-1.2.1-1.git.215.fcf601d.el6.noarch



How reproducible:
# yum install -y katello-headpin-all
# katello-configure --deployment=headpin --user-name=admin --user-pass=**** --user-email=tkolhar --ldap-server=skyfire.lab.eng.pnq.redhat.com --auth-method=ldap --ldap-port=389 --ldap-server-type=':free_ipa' --ldap-users-basedn='dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com' --ldap-group-basedn='dc=skyfire,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com' --ldap-roles=true --ldap-anon-queries=false --ldap-service-user=admin --ldap-service-pass=******

Steps to Reproduce:
1.Login to WEB UI admin/****
2.Navigate to Administer -> Users
3.Create +New Users
4.Add a new user which is not in IPA list

  
Actual results:
User successfully created

Expected results:

Creation of user should not be allowed since it is not
in the IPA list

Additional info:

Comment 1 Jordan OMara 2012-11-05 20:41:37 UTC

This is because we do not validate users upon creation in LDAP mode; setting as dupe

*** This bug has been marked as a duplicate of bug 854293 ***

Note You need to log in before you can comment on or make changes to this bug.