Mailinglist Archive: opensuse-buildservice (123 mails)

< Previous Next >
Re: [opensuse-buildservice] Mixed LDAP / local OBS users
On 09/20/2017 09:05 AM, Stefan Seyfried wrote:
Good morning,

after the update to 2.8.3, I found that local users (most prominent the Admin
user ;)) no longer work, when LDAP mode is
enabled.


That's right. We've decided that in an OBS setup with LDAP enabled, the
user management should only happen via the LDAP instance.

Björn

It was pretty easy to get the existing users to work again:

+++ app/models/user.rb 2017-09-20 06:45:18.666231345 +0000
@@ -199,7 +199,10 @@
# in the database. Returns the user or nil if he could not be found
def self.find_with_credentials(login, password)
if CONFIG['ldap_mode'] == :on
- return find_with_credentials_via_ldap(login, password)
+ user = find_with_credentials_via_ldap(login, password)
+ if user
+ return user
+ end
end

user = find_by_login(login)

This still does not enable me to create new users (as admin), because I'm
just sent to the Sign Up page, which then
tells me that new users can only sign up via LDAP.

While looking to also fix that and let an admin allow to create (and edit)
local users, I found that in git master many
more changes have been made to make this virtually impossible.

So I'm asking why this usecase is actively destroyed. Local OBS users (apart
from the obvious Admin user) are useful
e.g. as technical accounts, for automation jobs etc. which are not always
possible to get into a corporate user directory.

Thanks,
Stefan



--
Björn Geuken - Rails Developer - Open Build Service
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer,
HRB 21284 (AG Nürnberg)
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References