Bug 1007474 - Enable ad_compat sasl option
Summary: Enable ad_compat sasl option
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd
Version: 7.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
Depends On:
Blocks: 1116010
TreeView+ depends on / blocked
Reported: 2013-09-12 14:40 UTC by Dmitri Pal
Modified: 2020-05-02 17:25 UTC (History)
5 users (show)

Fixed In Version: sssd-1.12.0-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1116010 (view as bug list)
Last Closed: 2015-03-05 10:27:18 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Github SSSD sssd issues 3082 None None None 2020-05-02 17:25:49 UTC
Red Hat Product Errata RHBA-2015:0441 normal SHIPPED_LIVE sssd bug fix and enhancement update 2015-03-05 15:05:27 UTC

Description Dmitri Pal 2013-09-12 14:40:02 UTC
This bug is created as a clone of upstream ticket:

The sasl library has introduced an option to keep AD happy when SASL/GSSAPI is being used: http://git.cyrusimap.org/cyrus-sasl/commit/plugins/gssapi.c?id=cccc5a5a87a74cd434fbdf5e87c4158e21ebcf19

Take advantage of this option in the sssd_ad code.

Comment 1 Martin Kosek 2014-06-17 12:14:11 UTC
Fixed upstream:


Comment 3 Kaushik Banerjee 2014-12-31 10:49:28 UTC
Verified in version sssd-1.12.2-39.el7

Output from beaker automation run:
:: [   LOG    ] :: ad_compat_001: BZ 1116010 enable ad_compat sasl option

:: [   PASS   ] :: SASL authentication is successful with AD signing disabled 
:: [   PASS   ] :: Command 'getent passwd testuser01-837267' (Expected 0, got 0)
:: [   LOG    ] :: Duration: 3s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: ad_compat_001: BZ 1116010 enable ad_compat sasl option

Comment 5 errata-xmlrpc 2015-03-05 10:27:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.