Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: rhel-10.0.beta
Affects Version/s: rhel-10.0.beta
Component/s: samba
Labels:
- SAMBA-POST
- samba

Fixed in Build:
samba-4.20.2-103.el10
Regression:
Yes
Severity:
Low
Keywords:

Regression

Pool Team:

sst_idm_sssd
Sub-System Group:

ssg_idm

Story Points:
0
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Products:

Red Hat Enterprise Linux
Sprint:
None

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/136143
Test Coverage:

RegressionOnly

Experience:

PX Impact Score:
PX Priority Data:
PX Review Complete:
PX Scheduling Request:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

idmap_ad creates an incorrect local krb5.conf in case of trusted domain lookups.

In case we have idmap_ad and trusted domain and connect to a trusted domain we create a krb5.conf for our realm but with the IP of the trusted domain KDC. Thus we try to get a krbtgt from the trusted domain for our machine account and fail. The trusted domain KDC doesn't know about our machine account.

We need to look up the KDC IP in this case instead of providing one.

links to

RHBA-2024:136143 samba update

Samba Bug 15653

Assignee:: Andreas Schneider

Reporter:: Andreas Schneider

Developer:: Andreas Schneider

QA Contact:: Denis Karpelevich

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2024/07/02 8:02 AM

Updated:: 2024/10/07 12:57 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates