Support #17997

open

Foreman usergroup is not getting updated with LDAP groups

Added by Unnikrishnan K over 7 years ago.

Status: New
Priority: High
Assignee: -
Category: Users, Roles and Permissions
Target version: -
Triaged:
Fixed in Releases:
Found in Releases:

Description

Hello,

I have done the following tasks in my local VM:
1) Installed Foreman (1.11) - VM1
2) Installed OpenLDAP and PHPLdapAdmin - VM2
3) Configured LDAP authentication in Foreman
- Populated LDAP server, Account and Attribute Mapping correctly. Enabled user creation on the fly.
- Created a usergroup (assigned the admin role) and tagged it with the external usergroup

I tried to log in to Foreman with an LDAP user, and the user is authenticated successfully by LDAP.
But it shows that the user does not have permission to see the dashboard, as the user is not mapped to the specific usergroup.

Analysis done:
1) Enabled debug logging for App, LDAP, Permission and SQL (modified /etc/foreman/settings.yaml)
2) I can see Foreman is getting the user details ('tom john', 'sam mathew') from LDAP while refreshing the usergroup, but they are not getting mapped to the usergroup.
------------------------------------------------------------------------------------------------------------------------------
2017-01-10T02:42:42 [sql] [D] User Load (0.3ms) SELECT "users".* FROM "users" INNER JOIN "usergroup_members" ON "users"."id" = "usergroup_members"."member_id" WHERE "usergroup_members"."usergroup_id" = $1 AND "usergroup_members"."member_type" = 'User' ORDER BY firstname "usergroup_id", 1
2017-01-10T02:42:42 [ldap] [D] op bind (1.1ms) [ result=success ]
2017-01-10T02:42:42 [ldap] [D] op search (1.8ms) [ filter=, base= ]
2017-01-10T02:42:42 [ldap] [D] op search (2.0ms) [ filter=(cn=admins), base=dc=test,dc=com ]
2017-01-10T02:42:42 [ldap] [D] op search (2.2ms) [ filter=(cn=admins), base=dc=test,dc=com ]
2017-01-10T02:42:42 [ldap] [D] op search (2.0ms) [ filter=(|(|(|(objectClass=posixGroup)(objectClass=organizationalunit))(objectClass=groupOfUniqueNames))(objectClass=groupOfNames)), base=cn=admins,ou=groups,dc=test,dc=com ]
2017-01-10T02:42:42 [ldap] [D] user_list (10.4ms) [ group=admins ]
2017-01-10T02:42:42 [sql] [D] ExternalUsergroup Load (0.2ms) SELECT "external_usergroups".* FROM "external_usergroups" WHERE "external_usergroups"."usergroup_id" = $1 "usergroup_id", 1
2017-01-10T02:42:42 [sql] [D] User Load (0.4ms) SELECT "users".* FROM "users" WHERE 1=0 ORDER BY firstname
2017-01-10T02:42:42 [sql] [D] (0.1ms) BEGIN
2017-01-10T02:42:42 [sql] [D] (0.1ms) COMMIT
2017-01-10T02:42:42 [sql] [D] User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."lower_login" IN ('tom john', 'sam mathew') ORDER BY firstname
2017-01-10T02:42:42 [sql] [D] (0.1ms) BEGIN
2017-01-10T02:42:42 [sql] [D] (0.0ms) COMMIT
2017-01-10T02:42:42 [app] [I] Redirected to https://192.168.58.173/usergroups
2017-01-10T02:42:42 [app] [I] Completed 302 Found in 33ms (ActiveRecord: 3.4ms)
-----------------------------------------------------------------------------------------------------

Please help


Files

production.log (437 KB), Unnikrishnan K, 01/10/2017 12:04 AM
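One way to run the check described in the analysis above over a debug-level production.log, as an added example that is not part of the original ticket or of Foreman's code: it groups the lines of each usergroup refresh and reports which logins were looked up and whether any write to usergroup_members followed. The sample lines are selected from the log excerpt quoted in the description; the function names are assumptions.

```python
import re

# Selected lines from the debug log excerpt quoted in the ticket description.
SAMPLE_LOG = """\
2017-01-10T02:42:42 [ldap] [D] user_list (10.4ms) [ group=admins ]
2017-01-10T02:42:42 [sql] [D] User Load (0.4ms) SELECT "users".* FROM "users" WHERE 1=0 ORDER BY firstname
2017-01-10T02:42:42 [sql] [D] (0.1ms) BEGIN
2017-01-10T02:42:42 [sql] [D] (0.1ms) COMMIT
2017-01-10T02:42:42 [sql] [D] User Load (0.3ms) SELECT "users".* FROM "users" WHERE "users"."lower_login" IN ('tom john', 'sam mathew') ORDER BY firstname
2017-01-10T02:42:42 [sql] [D] (0.1ms) BEGIN
2017-01-10T02:42:42 [sql] [D] (0.0ms) COMMIT
"""

LINE = re.compile(r"^\S+ \[(\w+)\] \[\w\] (.*)$")       # timestamp [logger] [level] message
TIMING = re.compile(r"^.*?\(\d+(?:\.\d+)?ms\)\s*")      # strips e.g. "User Load (0.3ms) "
GROUP = re.compile(r"user_list .*\[ group=(.+?) \]")
LOGIN_IN = re.compile(r'"lower_login" IN \((.*?)\)')
WRITE = re.compile(r"^(INSERT|UPDATE|DELETE)\b", re.I)

def summarize_refreshes(log_text):
    """One record per LDAP group refresh: logins looked up, SQL writes, empty transactions."""
    records, cur, txn_writes = [], None, 0
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        logger, msg = m.groups()
        if logger == "ldap" and GROUP.search(msg):
            cur = {"group": GROUP.search(msg).group(1), "logins": [], "writes": [], "empty_txns": 0}
            records.append(cur)
        elif logger == "app":
            cur = None  # the request that ran the refresh has finished
        elif logger == "sql" and cur is not None:
            sql = TIMING.sub("", msg)
            found = LOGIN_IN.search(sql)
            if found:
                cur["logins"] += re.findall(r"'([^']*)'", found.group(1))
            elif sql == "BEGIN":
                txn_writes = 0
            elif sql in ("COMMIT", "ROLLBACK"):
                cur["empty_txns"] += 1 if txn_writes == 0 else 0
            elif WRITE.match(sql):
                cur["writes"].append(sql)
                txn_writes += 1
    return records

def refreshes_without_membership_write(records):
    """Groups whose members were looked up but never written to usergroup_members."""
    return [r["group"] for r in records
            if r["logins"] and not any("usergroup_members" in w for w in r["writes"])]
```

On the sample lines, the refresh of the admins group looks up two logins and both transactions commit without a write.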
