[ovirt-users] Users losing permissions when user portal session times out
Jeff Clay
jeffclay at gmail.com
Thu May 8 12:05:35 UTC 2014
I'm using version 3.4.0-1.el6. The user I've been testing with was directly
added to this test-group in the AD.
On Thu, May 8, 2014 at 2:11 AM, Oved Ourfalli <ovedo at redhat.com> wrote:
>
>
> ----- Original Message -----
> > From: "Yair Zaslavsky" <yzaslavs at redhat.com>
> > To: "Jeff Clay" <jeffclay at gmail.com>
> > Cc: "Oved Ourfalli" <ovedo at redhat.com>, "paul thornton" <
> paul.thornton at infotech-enterprises.com>, users at ovirt.org
> > Sent: Thursday, May 8, 2014 10:09:55 AM
> > Subject: Re: [ovirt-users] Users losing permissions when user portal
> session times out
> >
> > Jeff, which ovrit version are you using?
> > Thanks.
> >
>
> It sounds similar to the following issues:
> Bug 1069562 - When assigning permissions to user that belongs to a group
> indirectly, it does not inherit the group permissions (resolved by me).
> Bug 1081204 - [AAA] External user UI access unstable (resolved by Yair).
>
> iirc both are part of 3.4, but will need to check it out.
> Let's see what version you're using, and proceed from there.
>
> Oved
>
> >
> > ----- Original Message -----
> > > From: "Yair Zaslavsky" <yzaslavs at redhat.com>
> > > To: "Jeff Clay" <jeffclay at gmail.com>
> > > Cc: "Oved Ourfalli" <ovedo at redhat.com>, "paul thornton"
> > > <paul.thornton at infotech-enterprises.com>, users at ovirt.org
> > > Sent: Thursday, May 8, 2014 10:05:46 AM
> > > Subject: Re: [ovirt-users] Users losing permissions when user portal
> > > session times out
> > >
> > >
> > >
> > > ----- Original Message -----
> > > > From: "Jeff Clay" <jeffclay at gmail.com>
> > > > To: users at ovirt.org, "paul thornton"
> > > > <paul.thornton at infotech-enterprises.com>
> > > > Sent: Thursday, May 8, 2014 9:09:00 AM
> > > > Subject: [ovirt-users] Users losing permissions when user portal
> session
> > > > times out
> > > >
> > > > I finally have everything working pretty good. I have noticed that
> if I
> > > > log
> > > > in to the user portal as a user with the regular "UserRole" granted
> and
> > > > only the the pool objects and the user portal session times I can
> not log
> > > > back in. The user portal shows the message the the user is not
> authorized
> > > > to perform this function. When I log in as admin and go to "users"
> then
> > > > view the permissions for the user I was just logged in as, the user
> no
> > > > longer shows the "UserRole" role even though the permissions on the
> pool
> > > > objects still show the role is granted. I have to delete the user
> from
> > > > the
> > > > "Users" list and logging back in will refresh the permissions. I have
> > > > ovirt
> > > > integrated with my active directory for logins. I am granting
> permissions
> > > > based on active directory groups. To grant the permissions, I am
> > > > selecting
> > > > the object (usually a pool), then selecting the "permissions" tab and
> > > > then
> > > > clicking "add"; I do a search for the group, i click the check box
> next
> > > > to
> > > > it and click ok. The group permissions seem to remain on the object
> when
> > > > the user portal session times out, but the actual user that timed out
> > > > loses
> > > > all permissions/roles. I have no idea what could be causing this
> other
> > > > than
> > > > some sort of bug. Any ideas?
> > > >
> > > > Thanks in advance.
> > >
> > > This is a known issue, and IIRC was resolved by Oved.
> > > Oved, am I correct here?
> > >
> > > >
> > > > _______________________________________________
> > > > Users mailing list
> > > > Users at ovirt.org
> > > > http://lists.ovirt.org/mailman/listinfo/users
> > > >
> > > _______________________________________________
> > > Users mailing list
> > > Users at ovirt.org
> > > http://lists.ovirt.org/mailman/listinfo/users
> > >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140508/372bf3ae/attachment-0001.html>
More information about the Users
mailing list