Bug 983237
Summary: | add ipaNTSecurityIdentifier to "Default SMB Group" during ipa-adtrust-install | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Najmuddin Chirammal <nc> |
Component: | ipa | Assignee: | Martin Kosek <mkosek> |
Status: | CLOSED NOTABUG | QA Contact: | Namita Soman <nsoman> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.4 | CC: | dpal, nc, rcritten, sbose, tbabej, yjog |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Known Issue | |
Doc Text: |
ipa-adtrust-install, an Identity Management Active Directory Trust configuration tool, does not explicitly specify authentication mechanism when performing Active Directory Trust configuration changes. When the user specifis the default LDAP authentication mechanism other than the expected default (for example by setting the SASL_MECH configuration option to GSSAPI in LDAP configuration file for root user, .ldaprc), ipa-adtrust-install will not use the expected authentication mechanism and will fail to configure some of the parts of the Active Directory Integration feature, a crash of samba daemon (smbd) can occur or the user will be unable to use the feature. To work around this problem, remove any user default settings related to LDAP authentication mechanism from the .ldaprc file. The ipa-adtrust-install installer will then successfully configure the Active Directory integration feature.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-09-03 11:32:42 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Najmuddin Chirammal
2013-07-10 19:14:17 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/3776 This issue was caused by a configuration issue, adding a Known Issue doc paragraph. Closing the bug for 6.5, it will be only documented (and fixed upstream - https://fedorahosted.org/freeipa/ticket/3895). Fixed typo in doc text. |