Created attachment 635362 [details] Non-IPA user Description of problem: When one tries to add a new user via UI which is not the IPA users list it can be added suceesfully but that should be not allowed Version-Release number of selected component (if applicable): # rpm -qa | grep katello katello-configure-1.2.0-1.git.265.9575201.el6.noarch katello-headpin-1.2.1-1.git.215.fcf601d.el6.noarch katello-common-1.2.1-1.git.215.fcf601d.el6.noarch katello-cli-1.2.1-1.git.95.b2e3af2.el6.noarch katello-cli-common-1.2.1-1.git.95.b2e3af2.el6.noarch katello-glue-candlepin-1.2.1-1.git.215.fcf601d.el6.noarch katello-candlepin-cert-key-pair-1.0-1.noarch katello-certs-tools-1.1.9-1.el6.noarch katello-selinux-1.1.2-1.el6.noarch katello-headpin-all-1.2.1-1.git.215.fcf601d.el6.noarch How reproducible: # yum install -y katello-headpin-all # katello-configure --deployment=headpin --user-name=admin --user-pass=**** --user-email=tkolhar --ldap-server=skyfire.lab.eng.pnq.redhat.com --auth-method=ldap --ldap-port=389 --ldap-server-type=':free_ipa' --ldap-users-basedn='dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com' --ldap-group-basedn='dc=skyfire,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com' --ldap-roles=true --ldap-anon-queries=false --ldap-service-user=admin --ldap-service-pass=****** Steps to Reproduce: 1.Login to WEB UI admin/**** 2.Navigate to Administer -> Users 3.Create +New Users 4.Add a new user which is not in IPA list Actual results: User successfully created Expected results: Creation of user should not be allowed since it is not in the IPA list Additional info:
This is because we do not validate users upon creation in LDAP mode; setting as dupe *** This bug has been marked as a duplicate of bug 854293 ***