Description of problem: 3 out of 4 kerberos principal names were in the wrong case Version-Release number of selected component (if applicable): ipa-server-1.0.0-6.fc9.x86_64 bind-9.5.0-29.b2.fc9.x86_64 2.6.25-2.fc9.x86_64.xen How reproducible: Hardware Dell PE 2850 Raid 5 - 4 x 146Gb Fedora core 8 Xen Kernel 12Gb ram Guest is Fedora core 9 ( updated as of May 19 2008 ) 1 Vcpu - 1G ram - 10Gb Harddrive image Steps to Reproduce: 1. give the server a name with caps in it IE: freeIPA.test.net 1. yum install caching-nameserver 2. yum install ipa-server 3. run ipa-server-install --setup-bind -N 4. reboot 5. run ldapsearch -LLL -x -b "cn=kerberos,dc=test,dc=net" Actual results: # ldapsearch -LLL -x -b "cn=kerberos,dc=test,dc=net" objectclass=krbPrincipalAux dn dn: krbprincipalname=K/M,cn=TEST.NET,cn=kerberos,dc=test,dc= net dn: krbprincipalname=krbtgt/TEST.NET,cn=TEST.NET,cn=kerberos ,dc=test,dc=net dn: krbprincipalname=kadmin/admin,cn=TEST.NET,cn=kerberos,dc=im mport,dc=net dn: krbprincipalname=kadmin/changepw,cn=TEST.NET,cn=kerberos,dc =test,dc=net dn: krbprincipalname=kadmin/history,cn=TEST.NET,cn=kerberos,dc= test,dc=net dn: krbprincipalname=kadmin/freeipa.test.net,cn=TEST.NET,cn= kerberos,dc=test,dc=net dn: krbprincipalname=ldap/freeIPA.test.net,cn=TEST.NET,cn=ke rberos,dc=test,dc=net dn: krbprincipalname=host/freeIPA.test.net,cn=TEST.NET,cn=ke rberos,dc=test,dc=net dn: krbprincipalname=HTTP/freeIPA.test.net,cn=TEST.NET,cn=ke rberos,dc=test,dc=net Expected results: # ldapsearch -LLL -x -b "cn=kerberos,dc=test,dc=net" objectclass=krbPrincipalAux dn dn: krbprincipalname=K/M,cn=TEST.NET,cn=kerberos,dc=test,dc= net dn: krbprincipalname=krbtgt/TEST.NET,cn=TEST.NET,cn=kerberos ,dc=test,dc=net dn: krbprincipalname=kadmin/admin,cn=TEST.NET,cn=kerberos,dc=im mport,dc=net dn: krbprincipalname=kadmin/changepw,cn=TEST.NET,cn=kerberos,dc =test,dc=net dn: krbprincipalname=kadmin/history,cn=TEST.NET,cn=kerberos,dc= test,dc=net dn: krbprincipalname=kadmin/freeipa.test.net,cn=TEST.NET,cn= kerberos,dc=test,dc=net dn: krbprincipalname=ldap/freeipa.test.net,cn=TEST.NET,cn=ke rberos,dc=test,dc=net dn: krbprincipalname=host/freeipa.test.net,cn=TEST.NET,cn=ke rberos,dc=test,dc=net dn: krbprincipalname=HTTP/freeipa.test.net,cn=TEST.NET,cn=ke rberos,dc=test,dc=net Additional info:
Created attachment 306126 [details] ensure hostname is lower case during install & when adding service principals
iap-1-0: e7aa0b6c5e4eb472d09744e4c8c1ed916c5ca1ac master: fcd3260955f38bda970b6cba16b72b576d727b63
did 2 test to verify this scenario --------------------------- test 1 server32[12/04/08 17:18]~> ipa-addservice CIFS/cIfS.RHQA.Net server32[12/04/08 17:19]~> /usr/lib/mozldap/ldapsearch -D "cn=directory manager" -w redhat123 -s sub -b "dc=rhqa,dc=net" "" "*" | grep -i "cifs" dn: krbprincipalname=CIFS/cifs.rhqa.net,cn=services,cn=accounts,dc=rh krbPrincipalName: CIFS/cifs.rhqa.net -------------------------------------- test 2 server32[12/04/08 17:19]~> ipa-addservice otHER/oTHER.RHQA.Netserver32[12/04/08 17:20]~> /usr/lib/mozldap/ldapsearch -D "cn=directory manager" -w redhat123 -s sub -b "dc=rhqa,dc=net" "" "*" | grep -i "OTHER" description: Limited admins who can edit other users dn: krbprincipalname=otHER/other.rhqa.net,cn=services,cn=accounts,dc= krbPrincipalName: otHER/other.rhqa.net please pay special attention to test 2, the krbPrincipalName becomes otHER/other.rhqa.net does "otHER" string suppose to be here? Please verify this.
We don't touch the case of the service name. It gets stored as whatever the user passed in. Some service names are upper-case (HTTP) and some are lower-case (host). It is up to the user to specify the right service.
based on Rob's comment, bug closed