09-19-2019 07:43 AM - edited 09-19-2019 11:24 PM
after updateing from 2.4.3 it is not possible to use the role management anymore.
First I tried to login with an AD acoount, but it says that this account does not have the right permissions. After this, I logged in with the local admin to check the permissions. It doesn't matter which role I try to edit, the pop up shows empty fields for every privilege and if I try to open the dropdown menu to set privileges it is not opened.
Does anyone see the same behaviour?
09-24-2019 12:48 PM
I've checked our release builds and there doesn't seem to be a pervasive problem in the area of Roles and Roles management.
Can you help clarify exactly what you are trying to do (with screen shots if needed) -- are you working with Users (trying to assign or change Roles) or are you working on creating custom Roles (trying to select pre-existing roles for inclusion)? Note that you have to have at least lxc-security-admin level authority to do any of this.
Given that there seems to be a UI component to what's happening perhaps you can also try a different browser.
09-25-2019 02:15 AM
I just did the update process again.
In 2.4.3 the Role Management looks OK:
But after updating the first problem is, that I am not able to login with domain accounts (MS AD) anymore:
In the Role Management there are nor more privileges bound to the Roles and it is not possible to assign them, nothing happens when clicking on the drop down button. I had the same behaviour with IE, FF and Chrome.
09-27-2019 10:49 AM
Thanks for the detailed info. The team is looking into it.
If you have a service/license agreement with Lenovo, I'd go ahead and open a problem ticket at this point which will facilitate transfer of logs.
09-27-2019 01:09 PM - edited 09-27-2019 01:10 PM
One further thing comes to mind looking at this some more --
You can't actually edit any of the pre-defined roles (such as lxc-admin) -- since that could allow you to accidentally limit admin privileges and get into a non-recoverable situation. The UI on this is admittedly tricky (since it an edit panel comes up and it appears you can edit but does not let you save) and will be improved in the future.
You can create a custom role from one of the pre-defined roles and edit that to your needs, and then assign users to that role.
This does not fully explain why the behavior seems different after upgrading or why your AD logins aren't working, but it's possible you can get out of the woods this way.
10-28-2019 02:26 AM
Today I tried to apply the update again but it was the same behaviour.
After updating to 2.5.0 I saw that there is another patch to 2.5.1. I applied this one, too. It didn't help.
As yout mentioned I tried to create a new role. The "Create Custom Role"-Form opens. It is possible to set the "Role Name" and the "Description of Role". It is possible to select an option in the "Select privileges form an existing role"-Dropdown menu. As far as I know selecting "lxc-admin" should fill all the other dropdown menus (Inventory, OS deployment, Server configuraten,....) with die appropriate values, but this doesn't happen. Besides it is not possible to create a custom role, because it is not possible to open any of the dropdown menus within the "Select additional privileges"-range.
Additionally it is not possible to login with an Active Directory Account anymore. It ends up with:
After getting this errror I am not able to logon with the same browser, because it says that there is already an active session. I have to login with admin on another browser to log off the unsuccessfull sessions manually.
For now, I will revert to the snapshot I created before starting the update process.