This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 962883 - Free IPA auth configuration does not give me option to add LDAP Group to a role
Free IPA auth configuration does not give me option to add LDAP Group to a role
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Content Management (Show other bugs)
Unspecified Unspecified
unspecified Severity high (vote)
: Unspecified
: --
Assigned To: Marek Hulan
Og Maciel
: Triaged
Depends On:
  Show dependency treegraph
Reported: 2013-05-14 13:08 EDT by Og Maciel
Modified: 2013-06-19 11:29 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-06-19 11:29:40 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Og Maciel 2013-05-14 13:08:50 EDT
Description of problem:

Configuring my katello to use Free IPA for authentication did not expose the option to add LDAP Group to a role. When you use ActiveDirectory auth however, that option is available via the web ui. We need to expose this option for IPA auth as well.

Version-Release number of selected component (if applicable):

* apr-util-ldap-1.3.9-3.el6_0.1.x86_64
* candlepin-0.8.7-1.el6.noarch
* candlepin-selinux-0.8.7-1.el6.noarch
* candlepin-tomcat6-0.8.7-1.el6.noarch
* elasticsearch-0.19.9-7.el6.noarch
* katello-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-all-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.4.2-1.el6.noarch
* katello-cli-1.4.2-1.git.48.441089b.el6.noarch
* katello-cli-common-1.4.2-1.git.48.441089b.el6.noarch
* katello-common-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-configure-1.4.3-1.git.12.bc3684c.el6.noarch
* katello-glue-candlepin-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-glue-elasticsearch-1.4.2-1.git.333.d2a35bc.el6.noarch
* katello-glue-pulp-1.4.2-1.git.333.d2a35bc.el6.noarch
* Katello-Katello-Installation-ConfigureRepos-1.7-3.noarch
* Katello-Katello-Installation-RegisterRHNClassic-1.1-3.noarch
* Katello-Katello-Sanity-ImportKeys-1.2-1.noarch
* katello-qpid-broker-key-pair-1.0-1.noarch
* katello-qpid-client-key-pair-1.0-1.noarch
* katello-repos-1.4.2-1.el6.noarch
* katello-selinux-1.4.3-1.git.3.ce8227b.el6.noarch
* openldap-2.4.23-26.el6.x86_64
* pulp-rpm-plugins-2.1.1-0.10.beta.el6.noarch
* pulp-selinux-2.1.1-0.10.beta.el6.noarch
* pulp-server-2.1.1-0.10.beta.el6.noarch
* python-ldap-2.3.10-1.el6.x86_64
* ruby193-rubygem-ldap_fluff-0.1.3-4.el6.noarch
* ruby193-rubygem-net-ldap-0.2.2-6.el6.noarch

How reproducible:

Steps to Reproduce:
1. Configure katello to use IPA auth
2. Login as the admin user and select a role
Actual results:

There is no option to add a LDAP Group

Expected results:

Additional info:
Comment 1 Marek Hulan 2013-06-06 03:37:17 EDT
Waiting on reproducing information.
Comment 4 Marek Hulan 2013-06-07 02:51:57 EDT
Note you must enable ldap roles during katello-configure in order to see them. This will enable ldap_roles: in /etc/katello/katello.yml which is false in your case. Rerunning katello-configure --ldap-roles=true should solve it on affected machine. Also a restart of katello may be needed. Please let me know whether this helps.
Comment 5 Og Maciel 2013-06-19 11:29:40 EDT
Our automation was not passing --ldap-roles=true to katello-configure. Sorry for the noise.

Note You need to log in before you can comment on or make changes to this bug.