Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1580281 - Samba can not register sss idmap module because it's using an outdated SMB_IDMAP_INTERFACE_VERSION [rhel-7.5.z]
Samba can not register sss idmap module because it's using an outdated SMB_ID...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd (Show other bugs)
7.5
All Linux
urgent Severity urgent
: rc
: ---
Assigned To: SSSD Maintainers
sssd-qe
: ZStream
Depends On: 1578291
Blocks:
  Show dependency treegraph
 
Reported: 2018-05-21 03:19 EDT by Oneata Mircea Teodor
Modified: 2018-06-26 12:49 EDT (History)
14 users (show)

See Also:
Fixed In Version: sssd-1.16.0-19.el7_5.3
Doc Type: Bug Fix
Doc Text:
Previously, the new Samba version in Red Hat Enterprise Linux 7.5 used a newer version of the idmap plug-in interface and SSSD still provided a plug-in with an older version. If Samba was configured to use SSSD's idmap plug-in, smdb and winbind services failed to start due to the version mismatch. With this update, SSSD provides a plug-in with a matching version. As a result, smdb and winbind run as expected.
Story Points: ---
Clone Of: 1578291
Environment:
Last Closed: 2018-06-26 12:49:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:1986 None None None 2018-06-26 12:49 EDT

  None (edit)
Description Oneata Mircea Teodor 2018-05-21 03:19:20 EDT 
This bug has been copied from bug #1578291 and has been proposed to be backported to 7.5 z-stream (EUS).
Comment 3 Niranjan Mallapadi Raghavender 2018-06-04 23:49:19 EDT 
Versions:
=========
libsss_idmap-1.16.0-19.el7_5.5.x86_64
libsss_sudo-1.16.0-19.el7_5.5.x86_64
libsss_autofs-1.16.0-19.el7_5.5.x86_64
libsss_nss_idmap-1.16.0-19.el7_5.5.x86_64
sssd-common-1.16.0-19.el7_5.5.x86_64
sssd-ipa-1.16.0-19.el7_5.5.x86_64
sssd-1.16.0-19.el7_5.5.x86_64
sssd-winbind-idmap-1.16.0-19.el7_5.5.x86_64
libsss_certmap-1.16.0-19.el7_5.5.x86_64
python-sssdconfig-1.16.0-19.el7_5.5.noarch
sssd-client-1.16.0-19.el7_5.5.x86_64
sssd-krb5-common-1.16.0-19.el7_5.5.x86_64
sssd-ad-1.16.0-19.el7_5.5.x86_64
sssd-ldap-1.16.0-19.el7_5.5.x86_64
sssd-proxy-1.16.0-19.el7_5.5.x86_64
sssd-kcm-1.16.0-19.el7_5.5.x86_64
sssd-common-pac-1.16.0-19.el7_5.5.x86_64
sssd-krb5-1.16.0-19.el7_5.5.x86_64




[sssd]
domains = testrelm.test
config_file_version = 2
services = nss, pam

[domain/testrelm.test]
ad_domain = testrelm.test
krb5_realm = TESTRELM.TEST
realmd_tags = manages-system joined-with-samba 
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
access_provider = ad
debug_level = 9




Steps:
1. Join RHEL7.5 system to windows AD domain using below command

realm join -v TESTRELM.TEST --membership-software=samba

2. Configure smb.conf as below 

cat /etc/samba/smb.conf


[global]
        workgroup = TESTRELM
        realm = TESTRELM.TEST
        security = ads
        client signing = yes
        client use spnego = yes
        idmap config * : backend = sss
        idmap config * : range   = 200000-2147483647
        log level = 9

3. restart winbind 

$ systemctl restart winbind

4. Run wbinfo

[root@host-8-242-110 sssd]# wbinfo -i TESTRELM\\administrator
TESTRELM\administrator:*:1507800500:1507800513::/home/TESTRELM/administrator:/bin/false
[root@host-8-242-110 sssd]# systemctl status winbind
● winbind.service - Samba Winbind Daemon
   Loaded: loaded (/usr/lib/systemd/system/winbind.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2018-06-04 23:37:19 EDT; 8min ago
 Main PID: 11675 (winbindd)
   Status: "winbindd: ready to serve connections..."
   CGroup: /system.slice/winbind.service
           ├─11675 /usr/sbin/winbindd --foreground --no-process-group
           ├─11677 /usr/sbin/winbindd --foreground --no-process-group
           └─22302 /usr/sbin/winbindd --foreground --no-process-group

Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com systemd[1]: Starting Samba Winbind Daemon...
Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]: [2018/06/04 23:37:19.089894,  0] ../source3/winbindd/winbindd_cache.c:3170(initialize_winbindd_cache)
Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]:   initialize_winbindd_cache: clearing cache and re-creating with version number 2
Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]: [2018/06/04 23:37:19.094727,  0] ../lib/util/become_daemon.c:124(daemon_ready)
Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com systemd[1]: Started Samba Winbind Daemon.
Jun 04 23:37:19 host-8-242-110.host.centralci.eng.rdu2.redhat.com winbindd[11675]:   STATUS=daemon 'winbindd' finished starting up and ready to serve connection
Comment 7 errata-xmlrpc 2018-06-26 12:49:19 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1986
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.