Bug 1266080 - ipa trust-add --raw: ipa: ERROR: an internal error has occurred
ipa trust-add --raw: ipa: ERROR: an internal error has occurred
Status: CLOSED DUPLICATE of bug 1354381
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: IPA Maintainers
Namita Soman
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-24 08:36 EDT by Sudhir Menon
Modified: 2016-09-21 11:25 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-09-21 11:25:17 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sudhir Menon 2015-09-24 08:36:43 EDT
Description of problem: ipa trust-add --raw when used fails with ipa: ERROR: an internal error has occurred

Version-Release number of selected component (if applicable):


How reproducible:Always


Steps to Reproduce:
1. Install IPA server.
2. Add trust with the below option.

[root@ipa02 ~]# ipa trust-add --raw

Actual results:
Trust gets added but using the --raw option it gives below error.

[root@ipa02 ~]# ipa trust-add --raw
Realm name: TEST.IN
Active Directory domain administrator: Administrator
Active Directory domain administrator's password: 
ipa: ERROR: an internal error has occurred

[root@ipa02 ~]# ipa trust-show
Realm name: TEST.IN
  Realm name: test.in
  Domain NetBIOS name: TEST
  Domain Security Identifier: S-1-5-21-742749997-2996825573-4184801258
  Trust direction: Trusting forest
  Trust type: Active Directory domain

==> /var/log/httpd/error_log 

[Thu Sep 24 18:08:16.209243 2015] [:error] [pid 6340] ipa: ERROR: non-public: KeyError: 'ipanttrusttype'
[Thu Sep 24 18:08:16.209310 2015] [:error] [pid 6340] Traceback (most recent call last):
[Thu Sep 24 18:08:16.209314 2015] [:error] [pid 6340]   File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 347, in wsgi_execute
[Thu Sep 24 18:08:16.209317 2015] [:error] [pid 6340]     result = self.Command[name](*args, **options)
[Thu Sep 24 18:08:16.209325 2015] [:error] [pid 6340]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 443, in __call__
[Thu Sep 24 18:08:16.209331 2015] [:error] [pid 6340]     ret = self.run(*args, **options)
[Thu Sep 24 18:08:16.209334 2015] [:error] [pid 6340]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 760, in run
[Thu Sep 24 18:08:16.209336 2015] [:error] [pid 6340]     return self.execute(*args, **options)
[Thu Sep 24 18:08:16.209338 2015] [:error] [pid 6340]   File "/usr/lib/python2.7/site-packages/ipalib/plugins/trust.py", line 676, in execute
[Thu Sep 24 18:08:16.209340 2015] [:error] [pid 6340]     result['result']['ipanttrusttype'][0])]
[Thu Sep 24 18:08:16.209342 2015] [:error] [pid 6340] KeyError: 'ipanttrusttype'
[Thu Sep 24 18:08:16.209744 2015] [:error] [pid 6340] ipa: INFO: [jsonserver_session] admin@LABS02.TEST: trust_add(u'TEST.IN', trust_type=u'ad', realm_admin=u'Administrator', realm_passwd=u'********', all=False, raw=True, version=u'2.156'): KeyError

Expected results: Error displayed on console should be fixed.

Additional info:
Comment 2 Sudhir Menon 2015-09-24 08:39:09 EDT
**** Note: ipa trust-add --all works without any error.

[root@ipa02 ~]# ipa trust-add --all
Realm name: TEST.IN
Active Directory domain administrator: Administrator
Active Directory domain administrator's password: 
------------------------------------------------
Added Active Directory trust for realm "test.in"
------------------------------------------------
  dn: cn=test.in,cn=ad,cn=trusts,dc=labs02,dc=test
  Realm name: test.in
  Domain NetBIOS name: TEST
  Domain Security Identifier: S-1-5-21-742749997-2996825573-4184801258
  SID blacklist incoming: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17,
                          S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19,
                          S-1-5-18
  SID blacklist outgoing: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17,
                          S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19,
                          S-1-5-18
  Trust direction: Trusting forest
  Trust type: Active Directory domain
  Trust status: Established and verified
  ipantsecurityidentifier: S-1-5-21-3175560007-1962822224-4064991556-1030
  ipantsupportedencryptiontypes: 28
  ipanttrustattributes: 8
  ipanttrustdirection: 1
  ipanttrustpartner: test.in
  ipanttrustposixoffset: 0
  ipanttrusttype: 2
  objectclass: top, ipaNTTrustedDomain, ipaIDobject
  uidnumber: 525400030
Comment 3 Tomas Babej 2015-09-24 09:37:00 EDT
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5325
Comment 4 Martin Babinsky 2016-09-21 11:25:17 EDT

*** This bug has been marked as a duplicate of bug 1354381 ***

Note You need to log in before you can comment on or make changes to this bug.