Bug 1383358
Summary: | Appliance Console External Auth incorrectly configs kerberos | ||
---|---|---|---|
Product: | Red Hat CloudForms Management Engine | Reporter: | Satoe Imaishi <simaishi> |
Component: | Appliance | Assignee: | Joe Vlcek <jvlcek> |
Status: | CLOSED ERRATA | QA Contact: | amogh <amavinag> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 5.7.0 | CC: | abellott, cpelland, gtanzill, jhardy, mpusater, obarenbo, saali, simaishi |
Target Milestone: | GA | ||
Target Release: | 5.7.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | ldap | ||
Fixed In Version: | 5.7.0.5 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1380873 | Environment: | |
Last Closed: | 2017-01-04 13:02:12 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | CFME Core | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1380873 | ||
Bug Blocks: |
Comment 2
Joe Vlcek
2016-10-13 21:20:36 UTC
New commit detected on ManageIQ/manageiq/euwe: https://github.com/ManageIQ/manageiq/commit/540f2f92c4040edae436cd6add5623971f8ca9c3 commit 540f2f92c4040edae436cd6add5623971f8ca9c3 Author: Alberto Bellotti <abellotti.github.com> AuthorDate: Fri Oct 7 14:04:17 2016 -0400 Commit: Oleg Barenboim <chessbyte> CommitDate: Thu Oct 13 15:32:28 2016 -0400 Merge pull request #11730 from jvlcek/ipa_dns_lookup For external auth configure kerberos to do dns_lookups (cherry picked from commit 833a5e0fcbc713c5c095c0dfbebf97db306e2b28) https://bugzilla.redhat.com/show_bug.cgi?id=1383358 .../external_httpd_authentication.rb | 1 + .../external_httpd_configuration.rb | 45 +++++++---- .../external_httpd_authentication_spec.rb | 90 ++++++++++++++++++++++ 3 files changed, 120 insertions(+), 16 deletions(-) Verified this issue in "5.7.0.11-rc1" and the Fix works fine. in /etc/krb5.conf.d/: [libdefaults] default_realm = <IPA_SERVER_REALM> dns_lookup_realm = true dns_lookup_kdc = true Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2017-0012.html |