Bug 1007474 - Enable ad_compat sasl option
Enable ad_compat sasl option
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd (Show other bugs)
7.0
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Jakub Hrozek
Kaushik Banerjee
:
Depends On:
Blocks: 1116010
  Show dependency treegraph
 
Reported: 2013-09-12 10:40 EDT by Dmitri Pal
Modified: 2015-03-05 05:27 EST (History)
5 users (show)

See Also:
Fixed In Version: sssd-1.12.0-1.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1116010 (view as bug list)
Environment:
Last Closed: 2015-03-05 05:27:18 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dmitri Pal 2013-09-12 10:40:02 EDT
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/sssd/ticket/2040

The sasl library has introduced an option to keep AD happy when SASL/GSSAPI is being used: http://git.cyrusimap.org/cyrus-sasl/commit/plugins/gssapi.c?id=cccc5a5a87a74cd434fbdf5e87c4158e21ebcf19

Take advantage of this option in the sssd_ad code.
Comment 1 Martin Kosek 2014-06-17 08:14:11 EDT
Fixed upstream:

fb945a2cacc5506a2acb50349670f22078f1d4f5
Comment 3 Kaushik Banerjee 2014-12-31 05:49:28 EST
Verified in version sssd-1.12.2-39.el7


Output from beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ad_compat_001: BZ 1116010 enable ad_compat sasl option
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: SASL authentication is successful with AD signing disabled 
:: [   PASS   ] :: Command 'getent passwd testuser01-837267' (Expected 0, got 0)
:: [   LOG    ] :: Duration: 3s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: ad_compat_001: BZ 1116010 enable ad_compat sasl option
Comment 5 errata-xmlrpc 2015-03-05 05:27:18 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0441.html

Note You need to log in before you can comment on or make changes to this bug.