#3335 GPO retrieval doesn't work if SMB1 is disabled
Closed: Fixed a year ago Opened 2 years ago by jhrozek.


Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.4

2 years ago

Don't Know what's I am missing, But not able to reproduce the Issue:

On Windows2008-R2
1. Disabled SMBv1:
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -
Type DWORD -Value 0 -Force
2. Created New user(amitkuma23-3) in Active Directory Users And Computers.

On RHEL Client:

/usr/sbin/sssd --version

1.15.2
1. Tried retrieving user information(retrieved successfully)
# sss_cache -U
# id amitkuma23-3; getent passwd amitkuma23-2; su - amitkuma23-2

Attached sssd-logs(log-level=10), sssd.conf, smb.conf

Thanks
sssd.conf
smb.conf
amitkuma23-2

We need to take a look soon..

Metadata Update from @jhrozek:
- Issue assigned to mzidek
- Issue priority set to: critical

2 years ago

Metadata Update from @jhrozek:
- Issue tagged with: cleanup-one-sixteen

2 years ago

Metadata Update from @jhrozek:
- Issue untagged with: cleanup-one-sixteen
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)

2 years ago

Since we are required to release a new upstream tarball no later than Friday Oct-20, I'm moving tickets that will not be closed by that date to the next milestone, 1.16.1

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.1 (was: SSSD 1.16.0)

2 years ago

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1526489

2 years ago

Since we need to release a new tarball quite soon, I'm proposing this ticket is moved to the next milestone (but not later because downstream users are hitting the bug).

Metadata Update from @jhrozek:
- Issue tagged with: postpone-to-1-16-2

2 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.2 (was: SSSD 1.16.1)

a year ago

Metadata Update from @jhrozek:
- Issue untagged with: postpone-to-1-16-2

a year ago

@mzidek since there is a workaround (which we should add to this ticket) and new releases of samba default to SMB2 as well, do you agree that this ticket can be closed?

Yes, we can close this.

JFTR the workaround was to put this option to [global] section in /etc/samba/smb.conf:

[global]
client max protocol = SMB3

And with Samba 4.7 and newer this workaround is no longer needed.

Metadata Update from @mzidek:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

a year ago

Login to comment on this ticket.

Metadata
Attachments 3
Attached 2 years ago View Comment
Attached 2 years ago View Comment
Attached 2 years ago View Comment