9:09 a.m.
I finally have everything working pretty good. I have noticed that if I log
in to the user portal as a user with the regular "UserRole" granted and
only the the pool objects and the user portal session times I can not log
back in. The user portal shows the message the the user is not authorized
to perform this function. When I log in as admin and go to "users" then
view the permissions for the user I was just logged in as, the user no
longer shows the "UserRole" role even though the permissions on the pool
objects still show the role is granted. I have to delete the user from the
"Users" list and logging back in will refresh the permissions. I have ovirt
integrated with my active directory for logins. I am granting permissions
based on active directory groups. To grant the permissions, I am selecting
the object (usually a pool), then selecting the "permissions" tab and then
clicking "add"; I do a search for the group, i click the check box next to
it and click ok. The group permissions seem to remain on the object when
the user portal session times out, but the actual user that timed out loses
all permissions/roles. I have no idea what could be causing this other than
some sort of bug. Any ideas?
Thanks in advance.
10:05 a.m.
New subject: Users losing permissions when user portal session times out
----- Original Message -----
From: "Jeff Clay" <jeffclay(a)gmail.com>
To: users(a)ovirt.org, "paul thornton"
<paul.thornton(a)infotech-enterprises.com>
Sent: Thursday, May 8, 2014 9:09:00 AM
Subject: [ovirt-users] Users losing permissions when user portal session times out
I finally have everything working pretty good. I have noticed that if I log
in to the user portal as a user with the regular "UserRole" granted and
only the the pool objects and the user portal session times I can not log
back in. The user portal shows the message the the user is not authorized
to perform this function. When I log in as admin and go to "users" then
view the permissions for the user I was just logged in as, the user no
longer shows the "UserRole" role even though the permissions on the pool
objects still show the role is granted. I have to delete the user from the
"Users" list and logging back in will refresh the permissions. I have ovirt
integrated with my active directory for logins. I am granting permissions
based on active directory groups. To grant the permissions, I am selecting
the object (usually a pool), then selecting the "permissions" tab and then
clicking "add"; I do a search for the group, i click the check box next to
it and click ok. The group permissions seem to remain on the object when
the user portal session times out, but the actual user that timed out loses
all permissions/roles. I have no idea what could be causing this other than
some sort of bug. Any ideas?
Thanks in advance.
This is a known issue, and IIRC was resolved by Oved.
Oved, am I correct here?
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
10:09 a.m.
New subject: Users losing permissions when user portal session times out
Jeff, which ovrit version are you using?
Thanks.
----- Original Message -----
From: "Yair Zaslavsky" <yzaslavs(a)redhat.com>
To: "Jeff Clay" <jeffclay(a)gmail.com>
Cc: "Oved Ourfalli" <ovedo(a)redhat.com>, "paul thornton"
<paul.thornton(a)infotech-enterprises.com>, users(a)ovirt.org
Sent: Thursday, May 8, 2014 10:05:46 AM
Subject: Re: [ovirt-users] Users losing permissions when user portal session times out
----- Original Message -----
> From: "Jeff Clay" <jeffclay(a)gmail.com>
> To: users(a)ovirt.org, "paul thornton"
> <paul.thornton(a)infotech-enterprises.com>
> Sent: Thursday, May 8, 2014 9:09:00 AM
> Subject: [ovirt-users] Users losing permissions when user portal session
> times out
>
> I finally have everything working pretty good. I have noticed that if I log
> in to the user portal as a user with the regular "UserRole" granted and
> only the the pool objects and the user portal session times I can not log
> back in. The user portal shows the message the the user is not authorized
> to perform this function. When I log in as admin and go to "users" then
> view the permissions for the user I was just logged in as, the user no
> longer shows the "UserRole" role even though the permissions on the pool
> objects still show the role is granted. I have to delete the user from the
> "Users" list and logging back in will refresh the permissions. I have
ovirt
> integrated with my active directory for logins. I am granting permissions
> based on active directory groups. To grant the permissions, I am selecting
> the object (usually a pool), then selecting the "permissions" tab and
then
> clicking "add"; I do a search for the group, i click the check box next
to
> it and click ok. The group permissions seem to remain on the object when
> the user portal session times out, but the actual user that timed out loses
> all permissions/roles. I have no idea what could be causing this other than
> some sort of bug. Any ideas?
>
> Thanks in advance.
This is a known issue, and IIRC was resolved by Oved.
Oved, am I correct here?
>
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
10:11 a.m.
New subject: Users losing permissions when user portal session times out
----- Original Message -----
From: "Yair Zaslavsky" <yzaslavs(a)redhat.com>
To: "Jeff Clay" <jeffclay(a)gmail.com>
Cc: "Oved Ourfalli" <ovedo(a)redhat.com>, "paul thornton"
<paul.thornton(a)infotech-enterprises.com>, users(a)ovirt.org
Sent: Thursday, May 8, 2014 10:09:55 AM
Subject: Re: [ovirt-users] Users losing permissions when user portal session times out
Jeff, which ovrit version are you using?
Thanks.
It sounds similar to the following issues:
Bug 1069562 - When assigning permissions to user that belongs to a group indirectly, it
does not inherit the group permissions (resolved by me).
Bug 1081204 - [AAA] External user UI access unstable (resolved by Yair).
iirc both are part of 3.4, but will need to check it out.
Let's see what version you're using, and proceed from there.
Oved
----- Original Message -----
> From: "Yair Zaslavsky" <yzaslavs(a)redhat.com>
> To: "Jeff Clay" <jeffclay(a)gmail.com>
> Cc: "Oved Ourfalli" <ovedo(a)redhat.com>, "paul thornton"
> <paul.thornton(a)infotech-enterprises.com>, users(a)ovirt.org
> Sent: Thursday, May 8, 2014 10:05:46 AM
> Subject: Re: [ovirt-users] Users losing permissions when user portal
> session times out
>
>
>
> ----- Original Message -----
> > From: "Jeff Clay" <jeffclay(a)gmail.com>
> > To: users(a)ovirt.org, "paul thornton"
> > <paul.thornton(a)infotech-enterprises.com>
> > Sent: Thursday, May 8, 2014 9:09:00 AM
> > Subject: [ovirt-users] Users losing permissions when user portal session
> > times out
> >
> > I finally have everything working pretty good. I have noticed that if I
> > log
> > in to the user portal as a user with the regular "UserRole" granted
and
> > only the the pool objects and the user portal session times I can not log
> > back in. The user portal shows the message the the user is not authorized
> > to perform this function. When I log in as admin and go to "users"
then
> > view the permissions for the user I was just logged in as, the user no
> > longer shows the "UserRole" role even though the permissions on the
pool
> > objects still show the role is granted. I have to delete the user from
> > the
> > "Users" list and logging back in will refresh the permissions. I
have
> > ovirt
> > integrated with my active directory for logins. I am granting permissions
> > based on active directory groups. To grant the permissions, I am
> > selecting
> > the object (usually a pool), then selecting the "permissions" tab
and
> > then
> > clicking "add"; I do a search for the group, i click the check box
next
> > to
> > it and click ok. The group permissions seem to remain on the object when
> > the user portal session times out, but the actual user that timed out
> > loses
> > all permissions/roles. I have no idea what could be causing this other
> > than
> > some sort of bug. Any ideas?
> >
> > Thanks in advance.
>
> This is a known issue, and IIRC was resolved by Oved.
> Oved, am I correct here?
>
> >
> > _______________________________________________
> > Users mailing list
> > Users(a)ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
3:05 p.m.
I'm using version 3.4.0-1.el6. The user I've been testing with was directly
added to this test-group in the AD.
On Thu, May 8, 2014 at 2:11 AM, Oved Ourfalli <ovedo(a)redhat.com> wrote:
----- Original Message -----
> From: "Yair Zaslavsky" <yzaslavs(a)redhat.com>
> To: "Jeff Clay" <jeffclay(a)gmail.com>
> Cc: "Oved Ourfalli" <ovedo(a)redhat.com>, "paul thornton"
<
paul.thornton(a)infotech-enterprises.com>, users(a)ovirt.org
> Sent: Thursday, May 8, 2014 10:09:55 AM
> Subject: Re: [ovirt-users] Users losing permissions when user portal
session times out
>
> Jeff, which ovrit version are you using?
> Thanks.
>
It sounds similar to the following issues:
Bug 1069562 - When assigning permissions to user that belongs to a group
indirectly, it does not inherit the group permissions (resolved by me).
Bug 1081204 - [AAA] External user UI access unstable (resolved by Yair).
iirc both are part of 3.4, but will need to check it out.
Let's see what version you're using, and proceed from there.
Oved
>
> ----- Original Message -----
> > From: "Yair Zaslavsky" <yzaslavs(a)redhat.com>
> > To: "Jeff Clay" <jeffclay(a)gmail.com>
> > Cc: "Oved Ourfalli" <ovedo(a)redhat.com>, "paul
thornton"
> > <paul.thornton(a)infotech-enterprises.com>, users(a)ovirt.org
> > Sent: Thursday, May 8, 2014 10:05:46 AM
> > Subject: Re: [ovirt-users] Users losing permissions when user portal
> > session times out
> >
> >
> >
> > ----- Original Message -----
> > > From: "Jeff Clay" <jeffclay(a)gmail.com>
> > > To: users(a)ovirt.org, "paul thornton"
> > > <paul.thornton(a)infotech-enterprises.com>
> > > Sent: Thursday, May 8, 2014 9:09:00 AM
> > > Subject: [ovirt-users] Users losing permissions when user portal
session
> > > times out
> > >
> > > I finally have everything working pretty good. I have noticed that
if I
> > > log
> > > in to the user portal as a user with the regular "UserRole"
granted
and
> > > only the the pool objects and the user portal session times I can
not log
> > > back in. The user portal shows the message the the user is not
authorized
> > > to perform this function. When I log in as admin and go to
"users"
then
> > > view the permissions for the user I was just logged in as, the user
no
> > > longer shows the "UserRole" role even though the permissions on
the
pool
> > > objects still show the role is granted. I have to delete the user
from
> > > the
> > > "Users" list and logging back in will refresh the permissions. I
have
> > > ovirt
> > > integrated with my active directory for logins. I am granting
permissions
> > > based on active directory groups. To grant the permissions, I am
> > > selecting
> > > the object (usually a pool), then selecting the "permissions"
tab and
> > > then
> > > clicking "add"; I do a search for the group, i click the check
box
next
> > > to
> > > it and click ok. The group permissions seem to remain on the object
when
> > > the user portal session times out, but the actual user that timed out
> > > loses
> > > all permissions/roles. I have no idea what could be causing this
other
> > > than
> > > some sort of bug. Any ideas?
> > >
> > > Thanks in advance.
> >
> > This is a known issue, and IIRC was resolved by Oved.
> > Oved, am I correct here?
> >
> > >
> > > _______________________________________________
> > > Users mailing list
> > > Users(a)ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > >
> > _______________________________________________
> > Users mailing list
> > Users(a)ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/users
> >
>
4:19 a.m.
Just to update, I saw in that bug report that 3.4.1-1 was released today. I
upgraded my engine and host and have not been able to reproduce the problem
yet. Thank you Yair and Oved.
On Thu, May 8, 2014 at 7:05 AM, Jeff Clay <jeffclay(a)gmail.com> wrote:
I'm using version 3.4.0-1.el6. The user I've been testing
with was
directly added to this test-group in the AD.
On Thu, May 8, 2014 at 2:11 AM, Oved Ourfalli <ovedo(a)redhat.com> wrote:
>
>
> ----- Original Message -----
> > From: "Yair Zaslavsky" <yzaslavs(a)redhat.com>
> > To: "Jeff Clay" <jeffclay(a)gmail.com>
> > Cc: "Oved Ourfalli" <ovedo(a)redhat.com>, "paul
thornton" <
> paul.thornton(a)infotech-enterprises.com>, users(a)ovirt.org
> > Sent: Thursday, May 8, 2014 10:09:55 AM
> > Subject: Re: [ovirt-users] Users losing permissions when user portal
> session times out
> >
> > Jeff, which ovrit version are you using?
> > Thanks.
> >
>
> It sounds similar to the following issues:
> Bug 1069562 - When assigning permissions to user that belongs to a group
> indirectly, it does not inherit the group permissions (resolved by me).
> Bug 1081204 - [AAA] External user UI access unstable (resolved by Yair).
>
> iirc both are part of 3.4, but will need to check it out.
> Let's see what version you're using, and proceed from there.
>
> Oved
>
> >
> > ----- Original Message -----
> > > From: "Yair Zaslavsky" <yzaslavs(a)redhat.com>
> > > To: "Jeff Clay" <jeffclay(a)gmail.com>
> > > Cc: "Oved Ourfalli" <ovedo(a)redhat.com>, "paul
thornton"
> > > <paul.thornton(a)infotech-enterprises.com>, users(a)ovirt.org
> > > Sent: Thursday, May 8, 2014 10:05:46 AM
> > > Subject: Re: [ovirt-users] Users losing permissions when user portal
> > > session times out
> > >
> > >
> > >
> > > ----- Original Message -----
> > > > From: "Jeff Clay" <jeffclay(a)gmail.com>
> > > > To: users(a)ovirt.org, "paul thornton"
> > > > <paul.thornton(a)infotech-enterprises.com>
> > > > Sent: Thursday, May 8, 2014 9:09:00 AM
> > > > Subject: [ovirt-users] Users losing permissions when user portal
> session
> > > > times out
> > > >
> > > > I finally have everything working pretty good. I have noticed that
> if I
> > > > log
> > > > in to the user portal as a user with the regular "UserRole"
granted
> and
> > > > only the the pool objects and the user portal session times I can
> not log
> > > > back in. The user portal shows the message the the user is not
> authorized
> > > > to perform this function. When I log in as admin and go to
"users"
> then
> > > > view the permissions for the user I was just logged in as, the user
> no
> > > > longer shows the "UserRole" role even though the permissions
on the
> pool
> > > > objects still show the role is granted. I have to delete the user
> from
> > > > the
> > > > "Users" list and logging back in will refresh the
permissions. I
> have
> > > > ovirt
> > > > integrated with my active directory for logins. I am granting
> permissions
> > > > based on active directory groups. To grant the permissions, I am
> > > > selecting
> > > > the object (usually a pool), then selecting the
"permissions" tab
> and
> > > > then
> > > > clicking "add"; I do a search for the group, i click the
check box
> next
> > > > to
> > > > it and click ok. The group permissions seem to remain on the object
> when
> > > > the user portal session times out, but the actual user that timed
> out
> > > > loses
> > > > all permissions/roles. I have no idea what could be causing this
> other
> > > > than
> > > > some sort of bug. Any ideas?
> > > >
> > > > Thanks in advance.
> > >
> > > This is a known issue, and IIRC was resolved by Oved.
> > > Oved, am I correct here?
> > >
> > > >
> > > > _______________________________________________
> > > > Users mailing list
> > > > Users(a)ovirt.org
> > > > http://lists.ovirt.org/mailman/listinfo/users
> > > >
> > > _______________________________________________
> > > Users mailing list
> > > Users(a)ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > >
> >
>
3850
days inactive
3851
days old
5 comments
3 participants
participants (3)
-
Jeff Clay -
Oved Ourfalli -
Yair Zaslavsky