OPERATIONAL DEFECT DATABASE
...
...
Scenario An LDAP user can log in over UI but cannot make API calls. Error message as seen in the screenshot below: "No role assigned to user": Impact Unable to use API with LDAP user.
A software design flaw does not allow recognizing the LDAP User role if the user is only part of a Group role. When using SSO - an LDAP user is assigned to an LDAP group, and the LDAP group is configured with a User role, the REST login command fails due to "no role assigned to user."
The workaround is to add the User to the Remote Users/Groups section in the UI. Even if the user is already in one of the groups listed. The bug is hit when the Type User is not found for an API call. In the image below, even though the user "xxxxx" is a member of the sio_admin Group, the user cannot make API calls until we add the user here as a Type = User. If the user "xxxx" is removed from this section, it will not allow API calls. The user must exist with a Type = User.
Click on a version to see all relevant bugs
Dell Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
