Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-26166

[RHEL-8] `# realm leave --remove` command should not ask for credentials if a valid kerberos ticket is present.

XMLWordPrintable

    • realmd-0.17.1-2.el8
    • None
    • Moderate
    • rhel-sst-idm-sssd
    • ssg_idm
    • 0
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Red Hat Enterprise Linux
    • None
    • If docs needed, set a value
    • None

      Description of problem:

      When we use --remove option with realm leave, it also deletes computer account from AD. With just realm leave it does not.
      1. When we use realm leave --remove it asks for Admin user credentials.
      So the requirement here is if I have a valid kerberos ticket, then it should use that ticket to remove system from AD domain and should not ask for credentials.
      2. The above scenario works with realm join as its possible to join the domain without credentials if we have a valid kerberos ticket. This should work for realm leave --remove as well.

      Version-Release number of selected component (if applicable):

      How reproducible:
      [Always]

      Steps to Reproduce:
      1. # realm leave --remove

      Actual results:

      1. realm --remove leave
        Password for Administrator:

      Expected results:

      1. realm --remove leave
        #

      [It should leave domain without asking for Admin credentials if a valid kerberos ticket is present]

      Additional info:
      [NA]

              sbose@redhat.com Sumit Bose
              rhn-support-pdoiphod Priyanka Doiphode
              Sumit Bose Sumit Bose
              Shridhar Gadekar Shridhar Gadekar
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: