Bug 970977
Summary: | ipa trust-add should provide clear error when defaultNamingContext not found | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Marko Myllynen <myllynen> |
Component: | ipa | Assignee: | Martin Kosek <mkosek> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Namita Soman <nsoman> |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | 7.0 | CC: | mkosek, sgoveas, tbabej |
Target Milestone: | rc | ||
Target Release: | 7.1 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-3.3.1-1.el7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-06-13 13:23:33 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Marko Myllynen
2013-06-05 11:34:00 UTC
Thanks, I can see the error in the code, I will open an upstream ticket. Still, this is not a blocking issue, so I will move the bug to RHEL-7 product. Upstream ticket: https://fedorahosted.org/freeipa/ticket/3690 Fixed upstream: master: a3d489443c85629aa176df048c6b3505a7ee4586 ipa-3-3: c0dddb4d69bbd1015b6ce0476e6537b1e1448b0a What are the steps to reproduce the error? Tomas, you worked on the solution, do you have some easy-to-use reproduction scenario? I discussed this patch with Tomas. Given that it is just a very localized patch which adds better error reporting in a very specific case we cannot reliably reproduce, I would suggest testing as Sanity only (with general trust-add case). [root@dhcp207-151 ~]# echo Secret123 | ipa trust-add adtest.qe --type ad --admin administrator --password -------------------------------------------------- Added Active Directory trust for realm "adtest.qe" -------------------------------------------------- Realm name: adtest.qe Domain NetBIOS name: ADTEST Domain Security Identifier: S-1-5-21-1910160501-511572375-3625658879 SID blacklist incoming: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 SID blacklist outgoing: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10, S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20 Trust direction: Two-way trust Trust type: Active Directory domain Trust status: Established and verified [root@dhcp207-151 ~]# ipa trustdomain-find Realm name: adtest.qe Domain name: adtest.qe Domain NetBIOS name: ADTEST Domain Security Identifier: S-1-5-21-1910160501-511572375-3625658879 Domain enabled: True Domain name: pune.adtest.qe Domain NetBIOS name: PUNE Domain Security Identifier: S-1-5-21-91314187-2404433721-1858927112 Domain enabled: True ---------------------------- Number of entries returned 2 ---------------------------- [root@dhcp207-151 ~]# ipa idrange-find pune --------------- 1 range matched --------------- Range name: PUNE.ADTEST.QE_id_range First Posix ID of the range: 839000000 Number of IDs in the range: 200000 First RID of the corresponding RID range: 0 Domain SID of the trusted domain: S-1-5-21-91314187-2404433721-1858927112 Range type: Active Directory domain range ---------------------------- Number of entries returned 1 ---------------------------- Verified in Version [root@dhcp207-151 ~]# rpm -q ipa-server ipa-server-3.3.3-17.el7.x86_64 This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |