Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 768316 - [RFE] ipa-getkeytab should auto-detect the ipa server name
[RFE] ipa-getkeytab should auto-detect the ipa server name
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
7.0
All Linux
medium Severity medium
: rc
: ---
Assigned To: Martin Kosek
IDM QE LIST
Aneta Šteflová Petrová
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-12-16 05:45 EST by Najmuddin Chirammal
Modified: 2016-11-04 01:42 EDT (History)
6 users (show)

See Also:
Fixed In Version: ipa-4.4.0-0.el7.1.alpha1
Doc Type: Enhancement
Doc Text:
*ipa-getkeytab* can now automatically detect the IdM server When running the *ipa-getkeytab* utility on an Identity Management (IdM) server, you are no longer required to specify the server name using the "-s" option. The *ipa-getkeytab* utility detects the IdM server automatically in this situation.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-04 01:42:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:2404 normal SHIPPED_LIVE ipa bug fix and enhancement update 2016-11-03 09:56:18 EDT

  None (edit)
Description Najmuddin Chirammal 2011-12-16 05:45:48 EST
Description of problem:

Ipa-getkeytab command expect the ipa server name and it fails if no server name is provided.

Currently the ipa server name has to be mentioned even if the command is executed  from ipa server or client.

expectation: ipa-getkeytab detects the ipa server(if configured) 

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. execute ipa-getkeytab without -s <ipa_server> option
  
Actual results: ipa-getkeytab fails if server name is not provided.
ipa-getkeytab -p HTTP/vm123.example.com -k /tmp/HTTP_vm123.example.com
Usage: ipa-getkeytab [-qP?] [-q|--quiet] [-s|--server Server Name] [-p|--principal Kerberos Service Principal Name] [-k|--keytab Keytab File Name]

Expected results:

ipa-getkeytab detects the ipa server name if the box is configured as ipa client.
Comment 2 Dmitri Pal 2011-12-16 09:35:20 EST
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2203
Comment 5 Petr Vobornik 2016-01-29 03:57:38 EST
Has been fixed upstream:

master:
    f12f56fe8d607240efd7e8c8a942554bdd3b980f Support sourcing the IPA server name from config
Comment 6 Mike McCune 2016-03-28 19:07:19 EDT
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions
Comment 8 Sudhir Menon 2016-09-16 05:16:19 EDT
Verified on RHEL73 using ipa-server-4.4.0-11.el7.x86_64

===IPA Client====
[root@client ~]# ipa-getkeytab -p ldap/master.test-relm.test -k /tmp/ldap1.keytab 
Keytab successfully retrieved and stored in: /tmp/ldap1.keytab
[root@client ~]# ipa-getkeytab -p HTTP/master.test-relm.test -k /tmp/http.keytab
Keytab successfully retrieved and stored in: /tmp/http.keytab
[root@client ~]# ipa-getkeytab -p cifs/master.test-relm.test -k /tmp/cifs.keytab
Keytab successfully retrieved and stored in: /tmp/cifs.keytab

===IPA Master===
[root@master ~]# ipa-getkeytab -p ldap/master.test-relm.test -k /tmp/ldap1.keytab 
Keytab successfully retrieved and stored in: /tmp/ldap1.keytab
[root@master ~]# ipa-getkeytab -p HTTP/master.test-relm.test -k /tmp/http.keytab
Keytab successfully retrieved and stored in: /tmp/http.keytab
[root@master ~]#  ipa-getkeytab -p cifs/master.test-relm.test -k /tmp/cifs.keytab
Keytab successfully retrieved and stored in: /tmp/cifs.keytab
Comment 10 errata-xmlrpc 2016-11-04 01:42:57 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2404.html

Note You need to log in before you can comment on or make changes to this bug.