Red Hat Bugzilla – Bug 1275816
Incomplete ports for IPA ad-trust
Last modified: 2016-11-04 01:39:18 EDT
Description of problem: Portmapper has been missed from the list of open ports both the ipa-adtrust-install and the documentation (https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/trust-requirements.html#trust-req-ports). Microsoft link references the complete list of ports here: https://msdn.microsoft.com/en-us/library/dd560683%28v=ws.10%29.aspx Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Alexander, should port-mapper port be added to docs and ipa-adtrust-install output as required port to be opened for trusts?
Yes, I asked Christina to file this bug specifically to document the port mapper.
Upstream ticket: https://fedorahosted.org/freeipa/ticket/5414
master: a566657f9d73a01b08017d251c4a0776d46265e2 Incomplete ports for IPA AD Trust ipa-4-2: e76e86656ae5c8f5e59a340e1ab4f9d107af7916 Incomplete ports for IPA AD Trust
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions
Fix is seen. Portmapper port is mentioned in https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/trust-requirements.html#trust-req-ports Endpoint resolution portmapper 135 TCP NetBIOS-DGM 138 TCP and UDP NetBIOS-SSN 139 TCP and UDP LDAP 389 TCP and UDP [a] Microsoft-DS 445 TCP and UDP Endpoint mapper listener range 1024-1300 TCP
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2404.html