subject:"\[Bug 1853572\] Re\: realm fails with option \-\-computer\-ou"

[Bug 1853572] Re: realm fails with option --computer-ou

2020-09-07 Thread Alexander Fieroch

Thanks! I can confirm that it's working with 20.04.
Best regards

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1853572

Title:
  realm fails with option --computer-ou

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1853572/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1853572] Re: realm fails with option --computer-ou

2020-09-04 Thread Andreas Hasenack

Confirmed the problem on eoan:

# sudo realm join -v --computer-ou="OU=linux-computers,OU=client 
computers,OU=all computers,DC=ad1,DC=example,DC=com" --os-name=ubuntu 
--os-version=20.10 --client-software=sssd --automatic-id-mapping=no 
--membership-software=samba --computer-name=EOAN
 ! Couldn't get default domain from DHCP: 
GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name 
org.freedesktop.NetworkManager was not provided by any .service files
 * No default domain received via DHCP
realm: No such realm found
root@eoan:~# sudo realm join -v --computer-ou="OU=linux-computers,OU=client 
computers,OU=all computers,DC=ad1,DC=example,DC=com" --os-name=ubuntu 
--os-version=20.10 --client-software=sssd --automatic-id-mapping=no 
--membership-software=samba --computer-name=EOAN ad1.example.com
 * Resolving: _ldap._tcp.ad1.example.com
 * Performing LDAP DSE lookup on: 10.51.0.5
 * Successfully discovered: ad1.example.com
Password for Administrator: 
 * Unconditionally checking packages
 * Resolving required packages
 * Installing necessary packages: sssd-tools samba-common-bin sssd libnss-sss 
libpam-sss
 * Joining using a manual netbios name: EOAN
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.C0GJQ0 
-U Administrator ads join ad1.example.com createcomputer=all computers/client 
computers/linux-computers osName=ubuntu osVer=20.10
Enter Administrator's password:
Failed to join domain: failed to precreate account in ou 
ou=linux-computers,ou=client computers,ou=all 
computers,dc=AD1,dc=EXAMPLE,dc=COM: No such object
 ! Joining the domain ad1.example.com failed
realm: Couldn't join realm: Joining the domain ad1.example.com failed

Since realmd is the same, it's samba that had the bug and it was fixed
in later releases, so from focal onwards the problem is not present.

It looks like it was https://bugzilla.samba.org/show_bug.cgi?id=14007,
fixed in 4.10.9. Since Ubuntu 19.10 Eoan is EOL, and 20.04 has 4.11.6
and I just confirmed it works there. I'll mark this bug as fix released
then.


** Bug watch added: Samba Bugzilla #14007
   https://bugzilla.samba.org/show_bug.cgi?id=14007

** Changed in: realmd (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1853572

Title:
  realm fails with option --computer-ou

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1853572/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1853572] Re: realm fails with option --computer-ou

2020-09-04 Thread Andreas Hasenack

Hello,

sorry for taking so long to get to this bug. realmd was recently
promoted to main and I'm going over the existing bugs to see what I can
fix with an update I'm preparing.

I tried your use case here with a 2019 windows ad server, and it worked.
Here is what I did:

- created an OU called "linux computers" (note the whitespace) right beside the 
existing computers one. It became "OU=linux computers,DC=ad1,DC=example,DC=com"
- ran this command on the client:

ubuntu@g-adclient1:~$ sudo realm join -v --computer-ou="OU=linux 
computers,DC=ad1,DC=example,DC=com" --os-name=ubuntu --os-version=20.10 
--client-software=sssd --automatic-id-mapping=no --membership-software=samba 
--computer-name=G-ADCLIENT1 ad1.example.com
 * Resolving: _ldap._tcp.ad1.example.com
 * Performing LDAP DSE lookup on: 10.51.0.5
 * Successfully discovered: ad1.example.com
Password for Administrator: 
 * Unconditionally checking packages
 * Resolving required packages
 * Joining using a manual netbios name: G-ADCLIENT1
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.DPICQ0 
-U Administrator ads join ad1.example.com createcomputer=linux computers 
osName=ubuntu osVer=20.10
Enter Administrator's password:
Using short domain name -- AD1
Joined 'G-ADCLIENT1' to dns domain 'ad1.example.com'
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.DPICQ0 
-U Administrator ads keytab create
Enter Administrator's password:
 * /usr/sbin/update-rc.d sssd enable
 * /usr/sbin/service sssd restart
 * Successfully enrolled machine in realm


ldapsearch confirms the creation in the right place:
ubuntu@g-adclient1:~$ ldapsearch -LLL -Y GSSAPI -b "ou=linux 
computers,dc=ad1,dc=example,dc=com" objectClass=computer dn cn operatingSystem 
operatingSystemServicePack operatingSystemVersion
SASL/GSSAPI authentication started
SASL username: administra...@ad1.example.com
SASL SSF: 256
SASL data security layer installed.
dn: CN=G-ADCLIENT1,OU=linux computers,DC=ad1,DC=example,DC=com
cn: G-ADCLIENT1
operatingSystem: ubuntu
operatingSystemVersion: 20.10
operatingSystemServicePack: Samba 4.12.5-Ubuntu


The error you got:
Failed to join domain: failed to precreate account in ou 
ou=Linux-Clients,ou=Client Computer,ou=alle Computer,dc=DOMAIN: No such object

Seems to imply that one or more components of that tree didn't exist.
Let me try again with a space elsewhere in the DN, closer to what you
have in your example:

Ok, now I have OU=linux-computers,OU=client computers,OU=all
computers,DC=ad1,DC=example,DC=com

Still worked:
ubuntu@g-adclient1:~$ sudo realm join -v 
--computer-ou="OU=linux-computers,OU=client computers,OU=all 
computers,DC=ad1,DC=example,DC=com" --os-name=ubuntu --os-version=20.10 
--client-software=sssd --automatic-id-mapping=no --membership-software=samba 
--computer-name=G-ADCLIENT1 ad1.example.com
 * Resolving: _ldap._tcp.ad1.example.com
 * Performing LDAP DSE lookup on: 10.51.0.5
 * Successfully discovered: ad1.example.com
Password for Administrator: 
 * Unconditionally checking packages
 * Resolving required packages
 * Joining using a manual netbios name: G-ADCLIENT1
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.IAZLQ0 
-U Administrator ads join ad1.example.com createcomputer=all computers/client 
computers/linux-computers osName=ubuntu osVer=20.10
Enter Administrator's password:
Using short domain name -- AD1
Joined 'G-ADCLIENT1' to dns domain 'ad1.example.com'
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.IAZLQ0 
-U Administrator ads keytab create
Enter Administrator's password:
 * /usr/sbin/update-rc.d sssd enable
 * /usr/sbin/service sssd restart
 * Successfully enrolled machine in realm


ubuntu@g-adclient1:~$ ldapsearch -LLL -Y GSSAPI -b "OU=all 
computers,DC=ad1,DC=example,DC=com" dn cn operatingSystem 
operatingSystemServicePack operatingSystemVersion
SASL/GSSAPI authentication started
SASL username: administra...@ad1.example.com
SASL SSF: 256
SASL data security layer installed.
dn: OU=all computers,DC=ad1,DC=example,DC=com

dn: OU=client computers,OU=all computers,DC=ad1,DC=example,DC=com

dn: OU=linux-computers,OU=client computers,OU=all computers,DC=ad1,DC=example,
 DC=com

dn: CN=G-ADCLIENT1,OU=linux-computers,OU=client computers,OU=all computers,DC=
 ad1,DC=example,DC=com
cn: G-ADCLIENT1
operatingSystem: ubuntu
operatingSystemVersion: 20.10
operatingSystemServicePack: Samba 4.12.5-Ubuntu


The version of realmd I'm using is 0.16.3-3, but samba has changed since ubuntu 
19.10: I have 2:4.12.5+dfsg-3ubuntu3

Do you still experience the issue?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1853572

Title:
  realm fails with option --computer-ou

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1853572/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com

[Bug 1853572] Re: realm fails with option --computer-ou

[Bug 1853572] Re: realm fails with option --computer-ou

[Bug 1853572] Re: realm fails with option --computer-ou

3 matches

Site Navigation

Mail list logo

Footer information