#4874 Full set of objectclass not available post group detach.
Closed: Fixed None Opened 5 years ago by mkosek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1187540

Description of problem: After detaching a managed group from user, the full set
of objectclass is not available. And hence, adding a user to this group post
detach fails.


Version-Release number of selected component (if applicable):
ipa-server-4.1.0-16.el7.x86_64

How reproducible: Always


Steps to Reproduce:
1. ipa user-add --first gs --last r shanks
2. ipa group-detach shanks
3. ipa group-show shanks --all
4. ipa group-add-member shanks --users=user1


Actual results:
[root@qe-blade-05 ~]# ipa group-show shanks --all
  dn:
cn=shanks,cn=groups,cn=accounts,dc=idmqe,dc=lab,dc=eng,dc=bos,dc=redhat,dc=com
  Group name: shanks
  Description: User private group for shanks
  GID: 787600007
  ipauniqueid: 5f1a1a88-a873-11e4-947d-00215e2032c0
  objectclass: posixgroup, top, ipaobject
[root@qe-blade-05 ~]#

[root@qe-blade-05 ~]# ipa group-add-member shanks --users=user1
  Group name: shanks
  Description: User private group for shanks
  GID: 787600007
  Failed members:
    member user: user1: attribute "member" not allowed
    member group:
-------------------------
Number of members added 0
-------------------------
[root@qe-blade-05 ~]#



Expected results: Should contain full set of objectclass post detach and should
be able to add a user to it.


Additional info: https://fedorahosted.org/freeipa/ticket/250

Patch freeipa-mkosek-479-group-detach-does-not-add-correct-objectclasses.patch sent for review

master:

  • 8ea8a70 group-detach does not add correct objectclasses

ipa-4-1:

  • 2dd54c9 group-detach does not add correct objectclasses

regression tests ticket: #4909

Metadata Update from @mkosek:
- Issue assigned to mkosek
- Issue set to the milestone: FreeIPA 4.1.3

3 years ago

Login to comment on this ticket.

Metadata