Cluster Role assigned to Group does not grant permissions assigned by Role

Solution Verified - Updated -

Issue

  • After using LDAP Group Sync to generate Openshift based groups, users assigned to the group are not given the cluster-admin permission assigned by the role.
    Used the LDAPSyncConfig with a groupUIDNameMapping in order to assign the openshift group "Administrators". Able to see the Administrators group in oc get groups output, then attempted to assign the group the role cluster-admin with the following command:
# oc adm policy add-cluster-role-to-group cluster-admin Administrators

Environment

  • OpenShift Container Platform
    • 3.11
    • 4.X
  • LDAP

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content