#3335 GPO retrieval doesn't work if SMB1 is disabled

Created a year ago by jhrozek
Modified 4 months ago

Attachments
sssd.conf - 2017-05-23 11:21:12 Comment Download
smb.conf - 2017-05-23 11:21:12 Comment Download
amitkuma23-2 - 2017-05-23 11:21:12 Comment Download

a year ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.4

Don't Know what's I am missing, But not able to reproduce the Issue:

On Windows2008-R2
1. Disabled SMBv1:
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -
Type DWORD -Value 0 -Force
2. Created New user(amitkuma23-3) in Active Directory Users And Computers.

On RHEL Client:

/usr/sbin/sssd --version

1.15.2
1. Tried retrieving user information(retrieved successfully)
# sss_cache -U
# id amitkuma23-3; getent passwd amitkuma23-2; su - amitkuma23-2

Attached sssd-logs(log-level=10), sssd.conf, smb.conf

Thanks
sssd.conf
smb.conf
amitkuma23-2

We need to take a look soon..

9 months ago

Metadata Update from @jhrozek:
- Issue assigned to mzidek
- Issue priority set to: critical

9 months ago

Metadata Update from @jhrozek:
- Issue tagged with: cleanup-one-sixteen

9 months ago

Metadata Update from @jhrozek:
- Issue untagged with: cleanup-one-sixteen
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)

Since we are required to release a new upstream tarball no later than Friday Oct-20, I'm moving tickets that will not be closed by that date to the next milestone, 1.16.1

7 months ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.1 (was: SSSD 1.16.0)

5 months ago

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1526489

Issue linked to Bugzilla: Bug 1526489

Since we need to release a new tarball quite soon, I'm proposing this ticket is moved to the next milestone (but not later because downstream users are hitting the bug).

5 months ago

Metadata Update from @jhrozek:
- Issue tagged with: postpone-to-1-16-2

4 months ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.2 (was: SSSD 1.16.1)

4 months ago

Metadata Update from @jhrozek:
- Issue untagged with: postpone-to-1-16-2

@mzidek since there is a workaround (which we should add to this ticket) and new releases of samba default to SMB2 as well, do you agree that this ticket can be closed?

Yes, we can close this.

JFTR the workaround was to put this option to [global] section in /etc/samba/smb.conf:

[global]
client max protocol = SMB3

And with Samba 4.7 and newer this workaround is no longer needed.

4 months ago

Metadata Update from @mzidek:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

Login to comment on this ticket.

https://bugzilla.redhat.com/show_bug.cgi?id=1526489

cancel