Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/3292
- Created at 2017-02-01 11:27:42 by jhrozek
- Closed at 2017-04-10 15:49:42 as Fixed
- Assigned to sbose
- Associated bugzillas
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1414023
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Current understanding of the development is that this tool should allow customer or a support engineer to:
- check authentication of the user via selected PAM service (there should be an option) to make sure user+password is corecct
- check authorization of the user (also via selected PAM service), to make sure IdM HBAC are set correctly
- check that user identity and extended attributes are readable via DBUS call
This is currently proposed scope of the tool.
With respect to authentication and authorization there is already pam_test_client which currently accepts an action 'auth' or 'acct' and a user name. It currently uses a hardcoded test service but it would be easy to add another command line parameter for the service.
Comments
Comment from jhrozek at 2017-02-01 11:52:42
Fields changed
blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
patch: => 0
review: True => 0
selected: =>
summary: Create troubleshooting tool to determine if a failure is in SSSD or not when using layered products like RH-SSO/CFME etc. => RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup
testsupdated: => 0
type: defect => enhancement
Comment from jhrozek at 2017-02-02 16:10:32
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.16 Beta
priority: major => minor
Comment from jhrozek at 2017-02-24 14:40:51
Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.3
Comment from sbose at 2017-03-16 10:28:40
Metadata Update from @sbose:
Comment from sbose at 2017-03-16 11:51:29
Metadata Update from @sbose:
- Custom field design_review reset
- Custom field mark reset
- Custom field patch adjusted to on (was: 0)
- Custom field review reset
- Custom field sensitive reset
- Custom field testsupdated reset
- Issue close_status updated to: None
Comment from lslebodn at 2017-04-10 15:49:00
master:
Comment from lslebodn at 2017-04-10 15:49:09
Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
Comment from lslebodn at 2017-04-10 15:49:54
Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/3292
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1414023
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Current understanding of the development is that this tool should allow customer or a support engineer to:
This is currently proposed scope of the tool.
With respect to authentication and authorization there is already pam_test_client which currently accepts an action 'auth' or 'acct' and a user name. It currently uses a hardcoded test service but it would be easy to add another command line parameter for the service.
Comments
Comment from jhrozek at 2017-02-01 11:52:42
Fields changed
blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
patch: => 0
review: True => 0
selected: =>
summary: Create troubleshooting tool to determine if a failure is in SSSD or not when using layered products like RH-SSO/CFME etc. => RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup
testsupdated: => 0
type: defect => enhancement
Comment from jhrozek at 2017-02-02 16:10:32
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.16 Beta
priority: major => minor
Comment from jhrozek at 2017-02-24 14:40:51
Metadata Update from @jhrozek:
Comment from sbose at 2017-03-16 10:28:40
Metadata Update from @sbose:
Comment from sbose at 2017-03-16 11:51:29
Metadata Update from @sbose:
Comment from lslebodn at 2017-04-10 15:49:00
master:
Comment from lslebodn at 2017-04-10 15:49:09
Metadata Update from @lslebodn:
Comment from lslebodn at 2017-04-10 15:49:54
Metadata Update from @lslebodn: