Users Not able to list spaces in Apps Manager
indrofuture opened this issue · 4 comments
Describe the bug
We are facing an issue with the cf-mgmt script after integrating SAML for our TAS foundation. The script is throwing an error as shown below, which prevents all developers from accessing their apps. This is a critical blocker for our work and we need a prompt solution for this. I have tried to remove all SAML users from the config file and only keep local UAA users, but the error persists.
Screenshots
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.
The labels on this github issue will be updated when the story is started.
@indrofuture this is due to users not having permissions. Can you share the logout output of the cf-mgmt update-space-users command? The saml user IB041355 at cernet.net looks to not be added to any roles within any org/space.
This may be related to issue that is being fixed with #455 where if a user exists in a different origin (internal uaa) that user will not be added to a different origin (saml). To get around this before this is merged/released can cf delete-user <internal user> and then cf-mgmt will add the saml user next time the update-space-users job/command runs.
Also if wanting to test this change prior to release it has been published under pivotalservices/cf-mgmt:develop so would just need to change pipeline to use develop tag
Closing due to no response. Please open again if not resolved in latest version https://github.com/vmware-tanzu-labs/cf-mgmt/releases/tag/v1.0.87