First Last Prev Next    This bug is not in your last search results.
Bug 57100 - Accept machine accounts for login in master realm
Accept machine accounts for login in master realm
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Keycloak
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-6-errata
Assigned To: Felix Botner
Julia Bremer
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2024-02-29 16:13 CET by Felix Botner
Modified: 2024-03-07 13:07 CET (History)
0 users

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2024-02-29 16:13:20 CET 
In univention-keycloak init (and during) update we need to change the ldap provider configuration to allow machine accounts.
Comment 1 Felix Botner univentionstaff 2024-03-04 16:11:32 CET 
Successful build
Package: univention-keycloak
Version: 1.0.10-7
Branch: ucs_5.0-0
Scope: errata5.0-6

Successful build
Package: ucs-test
Version: 10.0.20-47
Branch: ucs_5.0-0
Scope: errata5.0-6
Comment 2 Julia Bremer univentionstaff 2024-03-05 19:45:31 CET 
OK: Machine accounts and users/ldap (e.g. sys-idp-user) can log into the UCS realm
OK: DC primary and DC backup have administrative rights in Keycloak
OK: Config change is done in postinst of univention-keycloak-client
OK: Config change is not done if Keycloak is not installed/reachable
OK: Backported to 5.0-5, installation of this package and upgrade from 505 to 506 has been checked manually 
OK: Jenkins tests
OK: YAML
Verified
First Last Prev Next    This bug is not in your last search results.