User Groups
Hello,
I have basic authentication working in Satellite 6.3 and it allows our users to log in and only create an account. I'm trying to set up the whole Roles/User group item. When I try to create a user group. and plug in the Distinguished name I always get a "is not found in the authentication source". in the logs I get this one error:
2018-03-07 14:13:02 0c930bdb [app] [I] Parameters: {"utf8"=>"✓", "authenticity_token"=>"6n/q2OXeLRdO3HZQsYXR4GzobalII+8IOMw8l9ALpqKy4wU4oDLt1Xqw9Pf0is5lhQFWlrYHliyBwg8ETKLpNQ==", "usergroup"=>{"name"=>"admins", "usergroup_ids"=>[""], "user_ids"=>[""], "admin"=>"1", "role_ids"=>[""], "external_usergroups_attributes"=>{"0"=>{"_destroy"=>"false", "name"=>"CN=Linux,OU=Security Groups,DC=myworkdomain,DC=com", "auth_source_id"=>"3"}}}, "commit"=>"Submit"}
Any ideas? I've opened up w a ticket w/ Redhat and its just being slow. Redhat Satellite 6.3 (Successful upgrade from 6.2)
Any info is greatly appreciated.
Thank You
Responses
Louis, I read you comment on solution 3358091, in which you noted the solution to your problem was to convert the whole of the distinguished name string to lowercase. Did you discover this on your own, or via the support case you raised with Red Hat? Would you mind mentioning the case number, so that I can view its history?
Regardless, if the DN always needs to be in lower case, I will make a note of that in the associated documentation.
Thank you for both starting the discussion and noting the solution. It benefits the entire community when you detail the solution to an issue. I hope no-one else experiences this problem, but if they do I hope they discover this discussion.
Thanks Louis. It worries me that you had to spent a few weeks trying to identify the cause of this problem. I would prefer no-one else went through that. I'll look over the case and see if I can identify the underlying issue here. Either a change should be made in Satellite, or the documentation could state the criteria for DN.
Louis - I would like to investigate this further, and need your help. When you were creating a user group, were you following the instructions in Procedure 8.6. To Configure an External User Group:?
If I understand correctly you entered the User group name in mixed case, but Satellite Server rejected this, reporting it could not find that group in the authentication source. Once you entered the User group name in lower case, the group could be found. How did you come up with the group's name to put into the User group field? The instructions state this should be copied from the output of the id command, which I believe is always in lower case.
I'd like to ensure that Satellite Server either accepts a group's name in mixed case, or rejects a mixed case group name with an informative error message. Your answers to these questions will help me better find the best way forward.
Thanks Louis. So when you entered the group's name in mixed case, as ^System Administrators@mydomain.com, Satellite Server responded that that group could not be found in the authentication source. When you instead entered the group's name in lower case, as ^system administrators@mydomain.com, Satellite Server accepted the group's name.
When you write "Now today if I were to try this again it would work..." do you mean that if you tried to add a new group from an AD source, Satellite Server would accept it even if the group's name was entered in mixed case? If so, that seems very strange. Was the "System Administrators" group the first you tried adding to Satellite Server?
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
