Bug #11644

closed

External user group outside of user basedn

Added by Bryan Kearney over 8 years ago. Updated over 8 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: Authentication
Target version: -
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1195878
Description of problem:
Linked external groups fail to work as the group base dn is outside of the LDAP configured base dn.

Version-Release number of selected component (if applicable):
foreman-1.6.0.53-1.el7sat.noarch

How reproducible:
Always

Steps to Reproduce:
1. Set up LDAP authentication
2. Create a group in the LDAP directory outside of the LDAP configured base DN
3. Create a usergroup with an external link to the usergroup name on the authentication source of your LDAP server.

Actual results:

Expected results:
Creating a user group with the external group linked works as intended for LDAP users.

Additional info:

Actions #1

Updated by Daniel Lobato Garcia over 8 years ago

  • Status changed from New to Need more information

Is this really a bug? The base DN is precisely there to limit where we have to look. If the DN for the user group falls outside the base DN, Foreman is precisely configured not to look at it. There's a groups base DN that can be set in the auth source precisely for this. This groups base DN will override the regular base DN on group operations.

I'm changing this to need more information for the moment.
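The scoping rule described in the comment above, as an added Ruby example that is not Foreman's code and not part of the original thread: a group DN is only in scope if it sits under the effective search base, which is the groups base DN when one is set and the regular base DN otherwise. The method names, the hash keys `base_dn` and `groups_base`, and all DNs are assumptions made up for illustration.

```ruby
# Added illustration, not Foreman code; every DN and name here is constructed.

# Split a DN into normalized RDNs, keeping backslash-escaped commas inside an RDN.
def split_dn(dn)
  rdns = []
  current = String.new
  escaped = false
  dn.to_s.each_char do |ch|
    if !escaped && ch == ','
      rdns << current
      current = String.new
      next
    end
    current << ch
    escaped = !escaped && ch == '\\'
  end
  rdns << current
  # Simplification: compare case-insensitively and ignore spaces around "=".
  rdns.map { |rdn| rdn.strip.downcase.sub(/\s*=\s*/, '=') }.reject(&:empty?)
end

# True when dn is the base itself or lies in the subtree below it.
def under_base?(dn, base)
  entry = split_dn(dn)
  root = split_dn(base)
  return false if root.empty? || entry.length < root.length
  entry.last(root.length) == root
end

# Hypothetical auth source hash: the groups base, when set, replaces the base DN.
def group_search_base(source)
  groups = source[:groups_base].to_s.strip
  groups.empty? ? source[:base_dn] : groups
end

def group_visible?(source, group_dn)
  under_base?(group_dn, group_search_base(source))
end

# Constructed sample data.
GROUP_DN = 'CN=Sat Admins,OU=Groups,DC=example,DC=com'
USERS_ONLY = { base_dn: 'ou=People,dc=example,dc=com', groups_base: nil }
WITH_GROUPS_BASE = USERS_ONLY.merge(groups_base: 'ou=Groups, dc=example, dc=com')

puts group_visible?(USERS_ONLY, GROUP_DN)
puts group_visible?(WITH_GROUPS_BASE, GROUP_DN)
```

Comparing whole RDNs from the right, rather than matching strings, keeps an escaped comma in a group name from shifting the boundary between the entry and its base.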

Actions #2

Updated by Dominic Cleal over 8 years ago

  • Category set to Authentication
  • Assignee deleted (Marek Hulán)

And precisely which base DN are you talking about, as there are two.

Actions #3

Updated by Marek Hulán over 8 years ago

  • Status changed from Need more information to Resolved

From the BZ

The LDAP linking of groups would fail for any group outside of the base dn. If the groups base dn was set to the same ou location of the group it would also fail to link/find the group. The only way to resolve the issue was to create a group object in the same location as the base dn.

I've just tested this since this is quite a few releases ago and it's working as intended in 6.1.1.

So I'm changing this to Resolved.

Note this was tested as working against:
foreman-1.7.2.33-1.el7sat.noarch
