Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1187540
Description of problem: After detaching a managed group from user, the full set of objectclass is not available. And hence, adding a user to this group post detach fails. Version-Release number of selected component (if applicable): ipa-server-4.1.0-16.el7.x86_64 How reproducible: Always Steps to Reproduce: 1. ipa user-add --first gs --last r shanks 2. ipa group-detach shanks 3. ipa group-show shanks --all 4. ipa group-add-member shanks --users=user1 Actual results: [root@qe-blade-05 ~]# ipa group-show shanks --all dn: cn=shanks,cn=groups,cn=accounts,dc=idmqe,dc=lab,dc=eng,dc=bos,dc=redhat,dc=com Group name: shanks Description: User private group for shanks GID: 787600007 ipauniqueid: 5f1a1a88-a873-11e4-947d-00215e2032c0 objectclass: posixgroup, top, ipaobject [root@qe-blade-05 ~]# [root@qe-blade-05 ~]# ipa group-add-member shanks --users=user1 Group name: shanks Description: User private group for shanks GID: 787600007 Failed members: member user: user1: attribute "member" not allowed member group: ------------------------- Number of members added 0 ------------------------- [root@qe-blade-05 ~]# Expected results: Should contain full set of objectclass post detach and should be able to add a user to it. Additional info: https://fedorahosted.org/freeipa/ticket/250
attachment freeipa-mkosek-479-group-detach-does-not-add-correct-objectclasses.patch
Patch freeipa-mkosek-479-group-detach-does-not-add-correct-objectclasses.patch sent for review
master:
ipa-4-1:
regression tests ticket: #4909
Metadata Update from @mkosek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 4.1.3
Login to comment on this ticket.