Bug 1079498
Summary: | extdom-extop: Plugin needs to ignore results that belong to different domain as requested | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Dmitri Pal <dpal> |
Component: | ipa | Assignee: | Martin Kosek <mkosek> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Namita Soman <nsoman> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 7.0 | CC: | pviktori, rcritten, rpacheco, spoore |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-3.3.3-26.el7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-06-13 13:07:01 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Dmitri Pal
2014-03-21 17:20:17 UTC
Fixed upstream master: https://fedorahosted.org/freeipa/changeset/c885bc3e49b41490668ed8b62989d71ec1cadf34 ipa-3-3: https://fedorahosted.org/freeipa/changeset/2ec7c50f3c475e5ffbf2f73968636c483c6503e7 Verified. Version :: ipa-server-3.3.3-27.el7.x86_64 Results :: First reproducing issue with 3.3.3-25: [root@rhel7-3 ipa-trust-functional]# ipa trust-find ---------------- 2 trusts matched ---------------- Realm name: ad1.example.test Domain NetBIOS name: AD1 Domain Security Identifier: S-1-5-21-1111600086-3918383388-1921175064 SID blacklist incoming: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 SID blacklist outgoing: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 Trust type: Active Directory domain Realm name: ad2.example.test Domain NetBIOS name: AD2 Domain Security Identifier: S-1-5-21-1515602834-2930230041-3336973146 SID blacklist incoming: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 SID blacklist outgoing: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 Trust type: Active Directory domain ---------------------------- Number of entries returned 2 ---------------------------- [root@rhel7-3 ipa-trust-functional]# id testuser1.test uid=1956201133(testuser1.test) gid=1956201133(testuser1.test.test) groups=1956201133(testuser1.test.test) [root@rhel7-3 ipa-trust-functional]# rpm -q ipa-server ipa-server-3.3.3-25.el7.x86_64 Then testing with patched version 3.3.3-27: [root@rhel7-3 ipa-trust-functional]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start Redirecting to /bin/systemctl stop sssd.service Redirecting to /bin/systemctl start sssd.service [root@rhel7-3 ipa-trust-functional]# id testuser1.test uid=1956201133(testuser1.test) gid=1956201133(testuser1.test) groups=1956201133(testuser1.test) [root@rhel7-3 ipa-trust-functional]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start Redirecting to /bin/systemctl stop sssd.service Redirecting to /bin/systemctl start sssd.service [root@rhel7-3 ipa-trust-functional]# id testuser1.testuid=551802247(testuser1.test) gid=551802247(testuser1.test) groups=551802247(testuser1.test) This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |