<div dir="ltr">I'm using version 3.4.0-1.el6. The user I've been testing with was directly added to this test-group in the AD.<div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Thu, May 8, 2014 at 2:11 AM, Oved Ourfalli <span dir="ltr"><<a href="mailto:ovedo@redhat.com" target="_blank">ovedo@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class=""><br>
<br>
----- Original Message -----<br>
> From: "Yair Zaslavsky" <<a href="mailto:yzaslavs@redhat.com">yzaslavs@redhat.com</a>><br>
> To: "Jeff Clay" <<a href="mailto:jeffclay@gmail.com">jeffclay@gmail.com</a>><br>
> Cc: "Oved Ourfalli" <<a href="mailto:ovedo@redhat.com">ovedo@redhat.com</a>>, "paul thornton" <<a href="mailto:paul.thornton@infotech-enterprises.com">paul.thornton@infotech-enterprises.com</a>>, <a href="mailto:users@ovirt.org">users@ovirt.org</a><br>
</div><div class="">> Sent: Thursday, May 8, 2014 10:09:55 AM<br>
> Subject: Re: [ovirt-users] Users losing permissions when user portal session times out<br>
><br>
</div><div class="">> Jeff, which ovrit version are you using?<br>
> Thanks.<br>
><br>
<br>
</div>It sounds similar to the following issues:<br>
Bug 1069562 - When assigning permissions to user that belongs to a group indirectly, it does not inherit the group permissions (resolved by me).<br>
Bug 1081204 - [AAA] External user UI access unstable (resolved by Yair).<br>
<br>
iirc both are part of 3.4, but will need to check it out.<br>
Let's see what version you're using, and proceed from there.<br>
<span class="HOEnZb"><font color="#888888"><br>
Oved<br>
</font></span><div class="HOEnZb"><div class="h5"><br>
><br>
> ----- Original Message -----<br>
> > From: "Yair Zaslavsky" <<a href="mailto:yzaslavs@redhat.com">yzaslavs@redhat.com</a>><br>
> > To: "Jeff Clay" <<a href="mailto:jeffclay@gmail.com">jeffclay@gmail.com</a>><br>
> > Cc: "Oved Ourfalli" <<a href="mailto:ovedo@redhat.com">ovedo@redhat.com</a>>, "paul thornton"<br>
> > <<a href="mailto:paul.thornton@infotech-enterprises.com">paul.thornton@infotech-enterprises.com</a>>, <a href="mailto:users@ovirt.org">users@ovirt.org</a><br>
> > Sent: Thursday, May 8, 2014 10:05:46 AM<br>
> > Subject: Re: [ovirt-users] Users losing permissions when user portal<br>
> > session times out<br>
> ><br>
> ><br>
> ><br>
> > ----- Original Message -----<br>
> > > From: "Jeff Clay" <<a href="mailto:jeffclay@gmail.com">jeffclay@gmail.com</a>><br>
> > > To: <a href="mailto:users@ovirt.org">users@ovirt.org</a>, "paul thornton"<br>
> > > <<a href="mailto:paul.thornton@infotech-enterprises.com">paul.thornton@infotech-enterprises.com</a>><br>
> > > Sent: Thursday, May 8, 2014 9:09:00 AM<br>
> > > Subject: [ovirt-users] Users losing permissions when user portal session<br>
> > > times out<br>
> > ><br>
> > > I finally have everything working pretty good. I have noticed that if I<br>
> > > log<br>
> > > in to the user portal as a user with the regular "UserRole" granted and<br>
> > > only the the pool objects and the user portal session times I can not log<br>
> > > back in. The user portal shows the message the the user is not authorized<br>
> > > to perform this function. When I log in as admin and go to "users" then<br>
> > > view the permissions for the user I was just logged in as, the user no<br>
> > > longer shows the "UserRole" role even though the permissions on the pool<br>
> > > objects still show the role is granted. I have to delete the user from<br>
> > > the<br>
> > > "Users" list and logging back in will refresh the permissions. I have<br>
> > > ovirt<br>
> > > integrated with my active directory for logins. I am granting permissions<br>
> > > based on active directory groups. To grant the permissions, I am<br>
> > > selecting<br>
> > > the object (usually a pool), then selecting the "permissions" tab and<br>
> > > then<br>
> > > clicking "add"; I do a search for the group, i click the check box next<br>
> > > to<br>
> > > it and click ok. The group permissions seem to remain on the object when<br>
> > > the user portal session times out, but the actual user that timed out<br>
> > > loses<br>
> > > all permissions/roles. I have no idea what could be causing this other<br>
> > > than<br>
> > > some sort of bug. Any ideas?<br>
> > ><br>
> > > Thanks in advance.<br>
> ><br>
> > This is a known issue, and IIRC was resolved by Oved.<br>
> > Oved, am I correct here?<br>
> ><br>
> > ><br>
> > > _______________________________________________<br>
> > > Users mailing list<br>
> > > <a href="mailto:Users@ovirt.org">Users@ovirt.org</a><br>
> > > <a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
> > ><br>
> > _______________________________________________<br>
> > Users mailing list<br>
> > <a href="mailto:Users@ovirt.org">Users@ovirt.org</a><br>
> > <a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
> ><br>
><br>
</div></div></blockquote></div><br></div>