Bug 997081 - LDAP fails validating group name in free_ipa mode
LDAP fails validating group name in free_ipa mode
Product: Subscription Asset Manager
Classification: Red Hat
Component: katello (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Katello Bug Bin
Depends On:
Blocks: sam13-tracker 971919
  Show dependency treegraph
Reported: 2013-08-14 11:45 EDT by sthirugn@redhat.com
Modified: 2013-10-01 07:19 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-10-01 07:19:22 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
free_ipa mode group validation failure (52.44 KB, image/png)
2013-08-14 11:45 EDT, sthirugn@redhat.com
no flags Details

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2013:1390 normal SHIPPED_LIVE Release 1.3 of Subscription Asset Manager 2013-10-01 10:43:14 EDT

  None (edit)
Description sthirugn@redhat.com 2013-08-14 11:45:17 EDT
Description of problem:
LDAP fails validating group name in free_ipa mode

Version-Release number of selected component (if applicable):
* candlepin-0.8.19-1.el6sam.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.8.19-1.el6sam.noarch
* candlepin-tomcat6-0.8.19-1.el6sam.noarch
* elasticsearch-0.19.9-8.el6sat.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.4.2-2.el6sat.noarch
* katello-cli-1.4.3-4.el6sat.noarch
* katello-cli-common-1.4.3-4.el6sat.noarch
* katello-common-1.4.3-5.el6sam_splice.noarch
* katello-configure-1.4.4-2.el6sat.noarch
* katello-glue-candlepin-1.4.3-5.el6sam_splice.noarch
* katello-glue-elasticsearch-1.4.3-5.el6sam_splice.noarch
* katello-headpin-1.4.3-5.el6sam_splice.noarch
* katello-headpin-all-1.4.3-5.el6sam_splice.noarch
* katello-selinux-1.4.4-2.el6sat.noarch
* thumbslug-0.0.32-1.el6sam.noarch
* thumbslug-selinux-0.0.32-1.el6sam.noarc

How reproducible:

Steps to Reproduce:
1. Install SAM server
2 .Run katello-configure in free ipa mode:
katello-configure --deployment=sam --user-name=$user --user-email=$email --ldap-server=$ldapServer --auth-method=ldap --ldap-port=389 --ldap-server-type='free_ipa' --ldap-users-basedn=$value --ldap-group-basedn=$value --ldap-roles=true --ldap-anon-queries=false --ldap-service-user=$serviceUser –ldap-service-pass=$servicePass --ldap-ad-domain=$domain
3. Log in to the web UI -> Administer -> Roles -> select  a role -> LDAP groups -> Try to add a valid free_ipa group.

Actual results:
(Screenshots attached)
Validation Failed:
ldap group does not exist in your current LDAP system. Please choose a different group, or contact your LDAP administrator to have this group created

Expected results:
A valid ldap group name should be added successfully without any errors

Additional info:
This fails in cli also
Comment 1 sthirugn@redhat.com 2013-08-14 11:45:48 EDT
Created attachment 786583 [details]
free_ipa mode group validation failure
Comment 4 sthirugn@redhat.com 2013-09-10 17:37:29 EDT
Accidentally changed back to POST
Comment 5 sthirugn@redhat.com 2013-09-10 19:03:37 EDT

* candlepin-0.8.25-1.el6sam.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.8.25-1.el6sam.noarch
* candlepin-tomcat6-0.8.25-1.el6sam.noarch
* elasticsearch-0.19.9-8.el6sat.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.4.2-2.el6sat.noarch
* katello-cli-1.4.3-10.el6sat.noarch
* katello-cli-common-1.4.3-10.el6sat.noarch
* katello-common-1.4.3-12.el6sam_splice.noarch
* katello-configure-1.4.4-4.el6sat.noarch
* katello-glue-candlepin-1.4.3-12.el6sam_splice.noarch
* katello-glue-elasticsearch-1.4.3-12.el6sam_splice.noarch
* katello-headpin-1.4.3-12.el6sam_splice.noarch
* katello-headpin-all-1.4.3-12.el6sam_splice.noarch
* katello-selinux-1.4.4-2.el6sat.noarch
* thumbslug-0.0.34-1.el6sam.noarch
* thumbslug-selinux-0.0.34-1.el6sam.noarch
Comment 7 errata-xmlrpc 2013-10-01 07:19:22 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.