Bug 1070925
Summary: | trust-add for POSIX AD does not fetch trustdomains | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Martin Kosek <mkosek> |
Component: | ipa | Assignee: | Martin Kosek <mkosek> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Namita Soman <nsoman> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 7.0 | CC: | rcritten, sgoveas |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-3.3.3-20.el7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-06-13 10:58:18 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Martin Kosek
2014-02-27 18:30:52 UTC
Fixed upstream: master: 41ca5afba79110a8dfb9dd713df2d909b5210294 trust: make sure we always discover topology of the forest trust ipa-3-3: 906b60ee8a728f2d1c557e73d05d7557e388c97f trust: make sure we always discover topology of the forest trust [root@dhcp207-218 ~]# ipa idrange-find --------------- 1 range matched --------------- Range name: TESTRELM.TEST_id_range First Posix ID of the range: 906800000 Number of IDs in the range: 200000 First RID of the corresponding RID range: 1000 First RID of the secondary RID range: 100000000 Range type: local domain range ---------------------------- Number of entries returned 1 ---------------------------- [root@dhcp207-218 ~]# ipa trustdomain-find Realm name: adposix.qe ipa: ERROR: no such entry [root@dhcp207-218 ~]# echo Secret123 | ipa trust-add adposix.qe --admin administrator --password --------------------------------------------------- Added Active Directory trust for realm "adposix.qe" --------------------------------------------------- Realm name: adposix.qe Domain NetBIOS name: ADPOSIX Domain Security Identifier: S-1-5-21-3655340000-3880942204-3419777279 SID blacklist incoming: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 SID blacklist outgoing: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 Trust direction: Two-way trust Trust type: Active Directory domain Trust status: Established and verified [root@dhcp207-218 ~]# ipa idrange-find ---------------- 2 ranges matched ---------------- Range name: ADPOSIX.QE_id_range First Posix ID of the range: 10000 Number of IDs in the range: 200000 First RID of the corresponding RID range: 0 Domain SID of the trusted domain: S-1-5-21-3655340000-3880942204-3419777279 Range type: Active Directory trust range with POSIX attributes Range name: TESTRELM.TEST_id_range First Posix ID of the range: 906800000 Number of IDs in the range: 200000 First RID of the corresponding RID range: 1000 First RID of the secondary RID range: 100000000 Range type: local domain range ---------------------------- Number of entries returned 2 ---------------------------- [root@dhcp207-218 ~]# ipa trustdomain-find Realm name: adposix.qe Domain name: adposix.qe Domain NetBIOS name: ADPOSIX Domain Security Identifier: S-1-5-21-3655340000-3880942204-3419777279 Domain enabled: True Domain name: lab.adposix.qe Domain NetBIOS name: LAB Domain Security Identifier: S-1-5-21-3961109305-3660795254-274566355 Domain enabled: True ---------------------------- Number of entries returned 2 ---------------------------- Verified in version [root@dhcp207-218 ~]# rpm -q ipa-server ipa-server-3.3.3-25.el7.x86_64 This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |