freeipa

Clone
Source Code
GIT

#7983 Staged user is not being recognized if the user entry doesn't have an objectClass "posixaccount"
Closed: fixed 4 years ago by frenaud. Opened 4 years ago by frenaud.

Closed: fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla: Bug 1721550

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Description of problem:

staged user is not recognized without objectClass posixaccount


Version-Release number of selected component (if applicable):

Red Hat Enterprise Linux 7.6

ipa-server-4.6.4-10.el7_6.3.x86_64



How reproducible:

Below output shows a staged user that was manually added with "ldapmodify", but
as you can see, it is not found with "ipa stageuser-find".

# Get credentials
kinit admin


# Add staged user
ldapmodify -Y GSSAPI
dn: uid=newtest,cn=staged users,cn=accounts,cn=provisioning,dc=example.com
changetype: add
objectClass: top
objectClass: inetorgperson
objectClass: organizationalPerson
objectClass: person
uid: newtest
sn: newtest
givenName: newtest
cn: newtest
^D

$ ldapsearch -Y GSSAPI uid=newtest
SASL/GSSAPI authentication started
SASL username: admin(a)EXAMPLE.COM
SASL SSF: 256
SASL data security layer installed.

extended LDIF

LDAPv3

base <dc=example,dc=com> (default) with scope subtree

filter: uid=newtest

requesting: ALL

newtest, staged users, accounts, provisioning, example.com

dn: uid=newtest,cn=staged users,cn=accounts,cn=provisioning,dc=example,dc=com
objectClass: top
objectClass: inetorgperson
objectClass: organizationalPerson
objectClass: person
uid: atest
sn: atest
givenName: atest
cn: atest

search result

search: 4
result: 0 Success

numResponses: 2

numEntries: 1

$ ipa stageuser-find

0 users matched

Number of entries returned 0

This user will be recognized, only if we add the following attributes:

objectClass: posixaccount
uidNumber:
gidNumber:
homeDirectory: /home/atest



Expected results:

ipa stageuser-find should list the user "newtest".


Additional info:

This was being discussed in the upstream community mailing lists.

(*) https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahost
ed.org/thread/AKYU734SUB2FDZWHFATKGX3OCICEFXAV/

Metadata Update from @frenaud:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1721550
4 years ago

Metadata Update from @frenaud:
- Issue assigned to frenaud
4 years ago

Metadata Update from @frenaud:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/3289
4 years ago

master:

  • e9c4dcd stageuser-find: fix search with non-posix user
  • 0294ad2 ipatests: add a test for stageuser-find with non-posix account

ipa-4-7:

  • 525e964 stageuser-find: fix search with non-posix user
  • bf1e614 ipatests: add a test for stageuser-find with non-posix account

ipa-4-6:

  • 2c81375 stageuser-find: fix search with non-posix user
  • 174b3aa ipatests: add a test for stageuser-find with non-posix account

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
4 years ago

Metadata Update from @frenaud:
- Custom field test_case adjusted to ipatests/test_xmlrpc/test_stageuser_plugin.py::TestStagedUser::test_without_posixaccount
4 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
None
None
None
None
None
None
ipatests/test_xmlrpc/test_stageuser_plugin.py::TestStagedUser::test_without_posixaccount
None
None
https://github.com/freeipa/freeipa/pull/3289
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1721550
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.