Back to bug 1924707
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Red Hat Bugzilla | 2021-02-03 13:40:52 UTC | Pool ID | sst_identity_management_rhel_8 | |
| Sergey Orlov | 2021-02-03 13:42:50 UTC | Summary | Establishing trust with AD domain usin fails in FIPS mode | Establishing trust with AD domain using shared secret fails in FIPS mode |
| Red Hat One Jira (issues.redhat.com) | 2021-02-03 13:47:00 UTC | Link ID | Red Hat Issue Tracker - Private RHELPLAN-66505 | |
| Alexander Bokovoy | 2021-02-09 09:59:12 UTC | CC | abokovoy | |
| Flags | needinfo?(sorlov) | |||
| Sergey Orlov | 2021-02-11 15:40:42 UTC | Flags | needinfo?(sorlov) | |
| Alexander Bokovoy | 2021-02-16 08:46:11 UTC | Keywords | Documentation, Triaged | |
| Status | NEW | ASSIGNED | ||
| Doc Text | Cause: Authentication with NTLMSSP is not supported in FIPS mode Consequence: It is not possible to set up a trust to Active Directory forest with a shared secret when RHEL IdM is configured in FIPS mode Workaround (if any): It is possible to set up a trust to Active Directory forest using administrative account from Active Directory instead. Result: RHEL IdM can operate in FIPS mode but setting up trust to Active Directory forest requires use of administrative credentials from Active Directory. Using a shared secret to set up such trust is not possible in FIPS mode. | |||
| Doc Type | If docs needed, set a value | Known Issue | ||
| Josip Vilicic | 2021-02-16 13:54:05 UTC | CC | jvilicic | |
| Docs Contact | jvilicic | |||
| Doc Text | Cause: Authentication with NTLMSSP is not supported in FIPS mode Consequence: It is not possible to set up a trust to Active Directory forest with a shared secret when RHEL IdM is configured in FIPS mode Workaround (if any): It is possible to set up a trust to Active Directory forest using administrative account from Active Directory instead. Result: RHEL IdM can operate in FIPS mode but setting up trust to Active Directory forest requires use of administrative credentials from Active Directory. Using a shared secret to set up such trust is not possible in FIPS mode. | .Unable to use a shared secret to establish a cross-forest trust in FIPS mode Establishing a cross-forest trust using a shared secret fails in FIPS mode because NTLMSSP authentication is not FIPS-compliant. To work around this problem, authenticate with an AD administrative account when setting up a trust to an Active Directory (AD) forest in FIPS mode. |
||
| Petr Čech | 2021-03-01 12:13:33 UTC | Priority | unspecified | high |
| CC | pcech | |||
| Josip Vilicic | 2021-03-15 22:21:32 UTC | Doc Text | .Unable to use a shared secret to establish a cross-forest trust in FIPS mode Establishing a cross-forest trust using a shared secret fails in FIPS mode because NTLMSSP authentication is not FIPS-compliant. To work around this problem, authenticate with an AD administrative account when setting up a trust to an Active Directory (AD) forest in FIPS mode. | .FIPS mode does not support using a shared secret to establish a cross-forest trust Establishing a cross-forest trust using a shared secret fails in FIPS mode because NTLMSSP authentication is not FIPS-compliant. To work around this problem, authenticate with an Active Directory (AD) administrative account when establishing a trust between an IdM domain with FIPS mode enabled and an AD domain. |
| Kaushik Banerjee | 2021-04-13 10:03:46 UTC | Pool ID | sst_identity_management_rhel_8 | sst_idm_ipa_rhel_8 |
| Pasi Karkkainen | 2021-04-21 20:04:44 UTC | CC | pasik | |
| Sumedh Sidhaye | 2021-05-14 16:09:34 UTC | CC | ssidhaye | |
| Sudarshan Chaudhari | 2021-10-22 17:45:24 UTC | CC | suchaudh | |
| Red Hat One Jira (issues.redhat.com) | 2021-10-22 17:49:55 UTC | Link ID | Red Hat Issue Tracker FREEIPA-7157 | |
| Theodoros Apazoglou | 2022-01-11 08:23:47 UTC | CC | tapazogl | |
| Red Hat Bugzilla | 2022-01-27 04:15:49 UTC | CC | suchaudh | |
| Ash Westbrook | 2022-02-28 15:10:59 UTC | CC | awestbro | |
| Red Hat Bugzilla | 2022-04-30 22:20:55 UTC | CC | tapazogl | |
| Trivino | 2022-05-10 08:02:14 UTC | Assignee | twoerner | ftrivino |
| CC | ftrivino | |||
| Lucie Vařáková | 2023-01-16 13:32:05 UTC | CC | lmanasko | |
| Flags | needinfo?(jvilicic) | |||
| Josip Vilicic | 2023-01-24 21:30:16 UTC | Flags | needinfo?(jvilicic) | needinfo?(ftrivino) |
| Ganna Kaihorodova | 2023-03-13 09:07:22 UTC | CC | gkaihoro | |
| QA Contact | ipa-qe | gkaihoro | ||
| Ganna Kaihorodova | 2023-03-13 09:08:52 UTC | QA Contact | gkaihoro | ipa-qe |
| Red Hat Bugzilla | 2023-03-18 04:16:43 UTC | CC | jvilicic | |
| Docs Contact | jvilicic | |||
| Lucie Vařáková | 2023-03-22 08:59:41 UTC | Docs Contact | lmcgarry | |
| CC | lmanasko | |||
| Red Hat Bugzilla | 2023-07-31 22:37:25 UTC | CC | pcech |
Back to bug 1924707