Bug 970977
| Summary: | ipa trust-add should provide clear error when defaultNamingContext not found | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Marko Myllynen <myllynen> |
| Component: | ipa | Assignee: | Martin Kosek <mkosek> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Namita Soman <nsoman> |
| Severity: | low | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | mkosek, sgoveas, tbabej |
| Target Milestone: | rc | ||
| Target Release: | 7.1 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-3.3.1-1.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-06-13 13:23:33 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Marko Myllynen
2013-06-05 11:34:00 UTC
Thanks, I can see the error in the code, I will open an upstream ticket. Still, this is not a blocking issue, so I will move the bug to RHEL-7 product. Upstream ticket: https://fedorahosted.org/freeipa/ticket/3690 Fixed upstream: master: a3d489443c85629aa176df048c6b3505a7ee4586 ipa-3-3: c0dddb4d69bbd1015b6ce0476e6537b1e1448b0a What are the steps to reproduce the error? Tomas, you worked on the solution, do you have some easy-to-use reproduction scenario? I discussed this patch with Tomas. Given that it is just a very localized patch which adds better error reporting in a very specific case we cannot reliably reproduce, I would suggest testing as Sanity only (with general trust-add case). [root@dhcp207-151 ~]# echo Secret123 | ipa trust-add adtest.qe --type ad --admin administrator --password
--------------------------------------------------
Added Active Directory trust for realm "adtest.qe"
--------------------------------------------------
Realm name: adtest.qe
Domain NetBIOS name: ADTEST
Domain Security Identifier: S-1-5-21-1910160501-511572375-3625658879
SID blacklist incoming: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10,
S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20
SID blacklist outgoing: S-1-0, S-1-1, S-1-2, S-1-3, S-1-5-1, S-1-5-2, S-1-5-3, S-1-5-4, S-1-5-5, S-1-5-6, S-1-5-7, S-1-5-8, S-1-5-9, S-1-5-10,
S-1-5-11, S-1-5-12, S-1-5-13, S-1-5-14, S-1-5-15, S-1-5-16, S-1-5-17, S-1-5-18, S-1-5-19, S-1-5-20
Trust direction: Two-way trust
Trust type: Active Directory domain
Trust status: Established and verified
[root@dhcp207-151 ~]# ipa trustdomain-find
Realm name: adtest.qe
Domain name: adtest.qe
Domain NetBIOS name: ADTEST
Domain Security Identifier: S-1-5-21-1910160501-511572375-3625658879
Domain enabled: True
Domain name: pune.adtest.qe
Domain NetBIOS name: PUNE
Domain Security Identifier: S-1-5-21-91314187-2404433721-1858927112
Domain enabled: True
----------------------------
Number of entries returned 2
----------------------------
[root@dhcp207-151 ~]# ipa idrange-find pune
---------------
1 range matched
---------------
Range name: PUNE.ADTEST.QE_id_range
First Posix ID of the range: 839000000
Number of IDs in the range: 200000
First RID of the corresponding RID range: 0
Domain SID of the trusted domain: S-1-5-21-91314187-2404433721-1858927112
Range type: Active Directory domain range
----------------------------
Number of entries returned 1
----------------------------
Verified in Version
[root@dhcp207-151 ~]# rpm -q ipa-server
ipa-server-3.3.3-17.el7.x86_64
This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |