1275816 – Incomplete ports for IPA ad-trust

Bug 1275816 - Incomplete ports for IPA ad-trust

Summary: Incomplete ports for IPA ad-trust

Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ipa
Sub Component:
Version:	7.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	IPA Maintainers
QA Contact:	Namita Soman
Docs Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:	1278435
TreeView+	depends on / blocked

Reported:	2015-10-27 20:08 UTC by ckyriaki
Modified:	2016-11-04 05:39 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Clones:	1278435 (view as bug list)
Environment:	(edit)
Last Closed:	2016-11-04 05:39:18 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2016:2404	normal	SHIPPED_LIVE	ipa bug fix and enhancement update	2016-11-03 13:56:18 UTC

Description ckyriaki 2015-10-27 20:08:46 UTC

Description of problem:
Portmapper has been missed from the list of open ports both the ipa-adtrust-install and the documentation (https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/trust-requirements.html#trust-req-ports). Microsoft link references the complete list of ports here:
https://msdn.microsoft.com/en-us/library/dd560683%28v=ws.10%29.aspx 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 2 Petr Vobornik 2015-10-29 09:09:59 UTC

Alexander, should port-mapper port be added to docs and ipa-adtrust-install output as required port to be opened for trusts?

Comment 3 Alexander Bokovoy 2015-10-29 10:00:56 UTC

Yes, I asked Christina to file this bug specifically to document the port mapper.

Comment 4 Petr Vobornik 2015-10-29 10:03:36 UTC

Upstream ticket:
https://fedorahosted.org/freeipa/ticket/5414

Comment 5 Petr Vobornik 2015-11-05 13:26:42 UTC

master:
    a566657f9d73a01b08017d251c4a0776d46265e2 Incomplete ports for IPA AD Trust 
ipa-4-2:
    e76e86656ae5c8f5e59a340e1ab4f9d107af7916 Incomplete ports for IPA AD Trust

Comment 6 Mike McCune 2016-03-28 22:43:24 UTC

This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions

Comment 8 Sudhir Menon 2016-09-15 11:35:00 UTC

Fix is seen.

Portmapper port is mentioned in https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/trust-requirements.html#trust-req-ports

Endpoint resolution portmapper 	135 	        TCP
NetBIOS-DGM 	                138 	        TCP and UDP
NetBIOS-SSN 	                139 	        TCP and UDP
LDAP 	                        389 	        TCP and UDP ⁠[a]
Microsoft-DS 	                445 	        TCP and UDP
Endpoint mapper listener range  1024-1300 	TCP

Comment 10 errata-xmlrpc 2016-11-04 05:39:18 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2404.html

Note You need to log in before you can comment on or make changes to this bug.