Bug 1783046

Summary: SIDs of AD domains do not display in ipa-client-samba installer
Product: Red Hat Enterprise Linux 8 Reporter: Rob Crittenden <rcritten>
Component: ipaAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact: ipa-qe <ipa-qe>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.1CC: abokovoy, frenaud, ksiddiqu, pasik, rcritten, sorlov, tscherf
Target Milestone: rcKeywords: TestCaseProvided
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-28 15:44:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rob Crittenden 2019-12-12 21:58:40 UTC 
Description of problem:

# ipa-client-samba 
Searching for IPA server...
IPA server: DNS discovery
Chosen IPA master: replica.ipa.test
SMB principal to be created: cifs/client.ipa.test
NetBIOS name to be used: CLIENT
Discovered domains to use:

 Domain name: ipa.test
NetBIOS name: IPA
         SID: S-1-5-21-1711027842-58264104-523626831
    ID range: 1423000000 - 1423199999


 Domain name: sub1.win2016.test
NetBIOS name: SUB1
         SID: None
    ID range: 308600000 - 308799999


 Domain name: win2016.test
NetBIOS name: WIN2016
         SID: None
    ID range: 1896800000 - 1896999999

The SID display as None.

I installed as admin and am able to see the trust:

# ipa trustdomain-find
Realm name: WIN2016.TEST
  Domain name: sub1.win2016.test
  Domain NetBIOS name: SUB1
  Domain Security Identifier: S-1-5-21-409653339-2266312569-870840429
  Domain enabled: True

  Domain name: win2016.test
  Domain NetBIOS name: WIN2016
  Domain Security Identifier: S-1-5-21-344158752-2665625808-1825572239
  Domain enabled: True
----------------------------
Number of entries returned 2
----------------------------
Version-Release number of selected component (if applicable):

ipa-client-samba-4.8.0-10.module+el8.1.0+4107+4a66eb87.x86_64

How reproducible:

Every time

Steps to Reproduce:
1. Reproduced in IDMCI on client VM
Comment 1 Alexander Bokovoy 2019-12-13 14:23:29 UTC 
Upstream PR: https://github.com/freeipa/freeipa/pull/4028
Comment 3 Alexander Bokovoy 2019-12-13 15:34:42 UTC 
Fixed upstream
master:
https://pagure.io/freeipa/c/3d402b69eb484a14944ccc23fcf945963977e348
Comment 4 Alexander Bokovoy 2019-12-13 18:26:02 UTC 
Fixed upstream
ipa-4-8:
https://pagure.io/freeipa/c/e1d11aa6b1b03b57adf8deba681aa0fa25861c5e
Comment 6 Sergey Orlov 2020-01-28 15:00:07 UTC 
Fix verifyed.
RHEL-8.2.0-20191219.0
ipa-client-samba-4.8.4-2.module+el8.2.0+5271+3e37a50a


transport.py               513 DEBUG    RUN ['ipa-client-samba', '-U']
channel.py                1194 DEBUG    [chan 21] Sesch channel 21 request ok
transport.py               558 DEBUG    Searching for IPA server...
transport.py               558 DEBUG    IPA server: DNS discovery
transport.py               558 DEBUG    Chosen IPA master: master.testrelm.test
transport.py               558 DEBUG    SMB principal to be created: cifs/client1.testrelm.test
transport.py               558 DEBUG    NetBIOS name to be used: CLIENT1
transport.py               558 DEBUG    Discovered domains to use:
transport.py               558 DEBUG    
transport.py               558 DEBUG     Domain name: testrelm.test
transport.py               558 DEBUG    NetBIOS name: TESTRELM
transport.py               558 DEBUG             SID: S-1-5-21-2049863854-1652020681-2012428424
transport.py               558 DEBUG        ID range: 266000000 - 266199999
transport.py               558 DEBUG    
transport.py               558 DEBUG    
transport.py               558 DEBUG     Domain name: ad.test
transport.py               558 DEBUG    NetBIOS name: AD
transport.py               558 DEBUG             SID: S-1-5-21-2581030808-478475035-2586414292
transport.py               558 DEBUG        ID range: 851800000 - 851999999
transport.py               558 DEBUG    
transport.py               558 DEBUG    Samba domain member is configured. Please check configuration at /etc/samba/smb.conf and start smb and winbind services
Comment 7 Florence Blanc-Renaud 2020-01-30 10:51:30 UTC 
Test added upstream in  ipatests/test_integration/test_smb.py:
master:
https://pagure.io/freeipa/c/15fd36612ea451cec2e1302a462fa440663fcc74
Comment 8 Florence Blanc-Renaud 2020-01-30 15:09:46 UTC 
Fixed upstream
ipa-4-8:
https://pagure.io/freeipa/c/577dd1e47a092cf7e4527707111d28297bb58f53
Comment 10 errata-xmlrpc 2020-04-28 15:44:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:1640