Bug 961316 - "realm discover" not properly restricting returned results when "--server-software=freeipa" is used against an AD server
"realm discover" not properly restricting returned results when "--server-sof...
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: realmd (Show other bugs)
19
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Stef Walter
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 959458
  Show dependency treegraph
 
Reported: 2013-05-09 08:02 EDT by yelley
Modified: 2014-09-14 20:08 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-05-09 10:58:00 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description yelley 2013-05-09 08:02:15 EDT
Description of problem:
"realm discover" does not properly restrict returned results when "--server-software=free-ipa" is used against an AD server (in realm FOO.COM)

Version-Release number of selected component (if applicable):
realmd-0.14.0-1

Steps to Reproduce:
$ realm discover -v --server-software=free-ipa FOO.COM
foo.com
  type: kerberos
  realm-name: FOO.COM
  domain-name: foo.com
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  required-package: sssd-tools
  required-package: sssd
  required-package: adcli
  required-package: samba-common
  login-formats: FOO\%U
  login-policy: allow-realm-logins

Expected results:
No results should be returned (b/c we are restricting results to be for realms that support free-ipa server software - which AD doesn't).
Comment 1 yelley 2013-05-09 08:08:30 EDT
I noticed I previously used "free-ipa" instead of the correct value of "freeipa". However, I am still seeing the same problem when using "freeipa", although I no longer see the login-policy field. There is also some extra initial output.

$ realm discover -v --server-software=freeipa FOO.COM
 * Resolving: _ldap._tcp.dc._msdcs.foo.com
 * Sending MS-CLDAP ping to: 10.16.189.20
 * Successfully discovered: foo.com
foo.com
  type: kerberos
  realm-name: FOO.COM
  domain-name: foo.com
  configured: kerberos-member
  server-software: active-directory
  client-software: sssd
  required-package: sssd-tools
  required-package: sssd
  required-package: adcli
  required-package: samba-common
  login-formats: FOO\%U
Comment 2 yelley 2013-05-09 10:58:00 EDT
It turns out that my environment was messed up. After fixing my environment, I am no longer seeing this bug. Sorry about that. This bug can be closed.

Note You need to log in before you can comment on or make changes to this bug.