Bug 1580281
Summary: | Samba can not register sss idmap module because it's using an outdated SMB_IDMAP_INTERFACE_VERSION [rhel-7.5.z] | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Oneata Mircea Teodor <toneata> |
Component: | sssd | Assignee: | SSSD Maintainers <sssd-maint> |
Status: | CLOSED ERRATA | QA Contact: | sssd-qe <sssd-qe> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 7.5 | CC: | fidencio, grajaiya, jhrozek, lmanasko, lslebodn, mkosek, mniranja, mpanaous, mzidek, nsoman, pbrezina, sbose, sgoveas, tscherf |
Target Milestone: | rc | Keywords: | ZStream |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | sssd-1.16.0-19.el7_5.3 | Doc Type: | Bug Fix |
Doc Text: |
Previously, the new Samba version in Red Hat Enterprise Linux 7.5 used a newer version of the idmap plug-in interface and SSSD still provided a plug-in with an older version. If Samba was configured to use SSSD's idmap plug-in, smdb and winbind services failed to start due to the version mismatch. With this update, SSSD provides a plug-in with a matching version. As a result, smdb and winbind run as expected.
|
Story Points: | --- |
Clone Of: | 1578291 | Environment: | |
Last Closed: | 2018-06-26 16:49:19 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1578291 | ||
Bug Blocks: |
Description
Oneata Mircea Teodor
2018-05-21 07:19:20 UTC
Versions: ========= libsss_idmap-1.16.0-19.el7_5.5.x86_64 libsss_sudo-1.16.0-19.el7_5.5.x86_64 libsss_autofs-1.16.0-19.el7_5.5.x86_64 libsss_nss_idmap-1.16.0-19.el7_5.5.x86_64 sssd-common-1.16.0-19.el7_5.5.x86_64 sssd-ipa-1.16.0-19.el7_5.5.x86_64 sssd-1.16.0-19.el7_5.5.x86_64 sssd-winbind-idmap-1.16.0-19.el7_5.5.x86_64 libsss_certmap-1.16.0-19.el7_5.5.x86_64 python-sssdconfig-1.16.0-19.el7_5.5.noarch sssd-client-1.16.0-19.el7_5.5.x86_64 sssd-krb5-common-1.16.0-19.el7_5.5.x86_64 sssd-ad-1.16.0-19.el7_5.5.x86_64 sssd-ldap-1.16.0-19.el7_5.5.x86_64 sssd-proxy-1.16.0-19.el7_5.5.x86_64 sssd-kcm-1.16.0-19.el7_5.5.x86_64 sssd-common-pac-1.16.0-19.el7_5.5.x86_64 sssd-krb5-1.16.0-19.el7_5.5.x86_64 [sssd] domains = testrelm.test config_file_version = 2 services = nss, pam [domain/testrelm.test] ad_domain = testrelm.test krb5_realm = TESTRELM.TEST realmd_tags = manages-system joined-with-samba cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = True fallback_homedir = /home/%u@%d access_provider = ad debug_level = 9 Steps: 1. Join RHEL7.5 system to windows AD domain using below command realm join -v TESTRELM.TEST --membership-software=samba 2. Configure smb.conf as below cat /etc/samba/smb.conf [global] workgroup = TESTRELM realm = TESTRELM.TEST security = ads client signing = yes client use spnego = yes idmap config * : backend = sss idmap config * : range = 200000-2147483647 log level = 9 3. restart winbind $ systemctl restart winbind 4. Run wbinfo [root@host-8-242-110 sssd]# wbinfo -i TESTRELM\\administrator TESTRELM\administrator:*:1507800500:1507800513::/home/TESTRELM/administrator:/bin/false [root@host-8-242-110 sssd]# systemctl status winbind ● winbind.service - Samba Winbind Daemon Loaded: loaded (/usr/lib/systemd/system/winbind.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2018-06-04 23:37:19 EDT; 8min ago Main PID: 11675 (winbindd) Status: "winbindd: ready to serve connections..." CGroup: /system.slice/winbind.service ├─11675 /usr/sbin/winbindd --foreground --no-process-group ├─11677 /usr/sbin/winbindd --foreground --no-process-group └─22302 /usr/sbin/winbindd --foreground --no-process-group Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com systemd[1]: Starting Samba Winbind Daemon... Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]: [2018/06/04 23:37:19.089894, 0] ../source3/winbindd/winbindd_cache.c:3170(initialize_winbindd_cache) Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]: initialize_winbindd_cache: clearing cache and re-creating with version number 2 Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]: [2018/06/04 23:37:19.094727, 0] ../lib/util/become_daemon.c:124(daemon_ready) Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com systemd[1]: Started Samba Winbind Daemon. Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]: STATUS=daemon 'winbindd' finished starting up and ready to serve connection Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1986 |