0d817ae63a4ad8ba7a29910a9342a78e15e89593 adtrust: make sure that runtime hostname result is consistent with the configuration
e430699024df06e1e6f819824548986eb0fa5fd2 adtrust: make sure that runtime hostname result is consistent with the configuration
It was fixed in a way that ipa-adtrust-install fails with proper error message:
raise ValueError("Host reports different name than configured: "
"'%s' versus '%s'. Samba requires to have "
"the same hostname or Kerberos principal "
"'cifs/%s' will not be found in Samba keytab." %
(hostname, self.fqdn, self.fqdn))
It is not a job of ipa-adtrust-install to set hostname.
Tested on RHEL7.4 using
[root@master ~]# hostname
[root@master ~]# ipa-adtrust-install
The log file for this installation can be found in /var/log/ipaserver-install.log
This program will setup components needed to establish trust to AD domains for
the IPA Server.
* Configure Samba
* Add trust related objects to IPA LDAP server
To accept the default shown in brackets, press the Enter key.
Configuring cross-realm trusts for IPA server requires password for user 'admin'.This user is a regular system account used for IPA server administration.
Do you want to enable support for trusted domains in Schema Compatibility plugin? This will allow clients older than SSSD 1.9 and non-Linux clients to work with trusted users.
Enable trusted domains support in slapi-nis? [no]:
Enter the NetBIOS name for the IPA domain.
Only up to 15 uppercase ASCII letters, digits and dashes are allowed.
NetBIOS domain name [TESTRELM]:
WARNING: 3 existing users or groups do not have a SID identifier assigned.
Installer can run a task to have ipa-sidgen Directory Server plugin generate
the SID identifier for all these users. Please note, the in case of a high
number of users and groups, the operation might lead to high replication
traffic and performance degradation. Refer to ipa-adtrust-install(1) man page
Do you want to run the ipa-sidgen task? [no]:
The following operations may take some minutes to complete.
Please wait until the prompt is returned.
[1/22]: validate server hostname
[error] ValueError: Host reports different name than configured: 'master' versus 'master.testrelm.test'. Samba requires to have the same hostname or Kerberos principal 'cifs/master.testrelm.test' will not be found in Samba keytab.
Unexpected error - see /var/log/ipaserver-install.log for details:
ValueError: Host reports different name than configured: 'master' versus 'master.testrelm.test'. Samba requires to have the same hostname or Kerberos principal 'cifs/master.testrelm.test' will not be found in Samba keytab.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.