Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1431870
Description of problem: Regression test for BZ1177140 fails with new libsmbclient It might be a bug in libsmbclient Version-Release number of selected component (if applicable): sh$ rpm -q sssd libsmbclient sssd-1.15.1-1.el7.x86_64 libsmbclient-4.6.0-2.el7.x86_64 How reproducible: deterministic Steps to Reproduce: 1. join machine to AD domain 2. create /etc/sssd/sssd.conf unindent <<<" [sssd] config_file_version = 2 services = nss, pam domains = $AD_DOMAIN1 [nss] filter_groups = root filter_users = root default_shell = /bin/bash [pam] [domain/$AD_DOMAIN1] ldap_purge_cache_timeout = 0 krb5_auth_timeout = 12 debug_level = 0xFFF0 ad_domain = $AD_DOMAIN1 krb5_realm = $AD_SERVER1_REALM ad_server = $AD_SERVER1 cache_credentials = True id_provider = ad krb5_store_password_if_offline = True use_fully_qualified_names = True fallback_homedir = /home/%d/%u access_provider = ad ad_gpo_access_control = enforcing ad_gpo_map_interactive = +su +sshd 3. create /etc/samba/smb.conf [global] workgroup = $AD_SERVER_SHORT_REALM realm = $AD_SERVER1_REALM security = ads kerberos method = system keytab log level = 10 4. systemctl restart sssd.service smb.service 5. authenticate as user who should be able to authenticate allow_u-23737@sssdad.com Actual results: authentication fialed Expected results: user authenticate without any problem Additional info: It fails with rhel7.3 sssd-1.14.0-43.el7_3.11.x86_64 and new libsmbclient-4.6.0-2.el7.x86_64 sh# cat /var/log/sssd/gpo_child.log (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [main] (0x0400): gpo_child started. (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [main] (0x0400): context initialized (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x0400): cached_gpt_version: -1 (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_server length: 22 (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_server: smb://pluto.sssdad.com (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_share length: 7 (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_share: /sysvol (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_path length: 59 (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_path: /sssdad.com/Policies/{892F53E0-E4AA-4D2E-9106-7AA4B9FE8680} (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_cse_suffix length: 49 (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [unpack_buffer] (0x4000): smb_cse_suffix: /Machine/Microsoft/Windows NT/SecEdit/GptTmpl.inf (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [main] (0x0400): performing smb operations (Mon Mar 13 18:17:43 2017) [[sssd[gpo_child[19195]]]] [copy_smb_file_to_gpo_cache] (0x0400): smb_uri: smb://pluto.sssdad.com/sysvol/s ssdad.com/Policies/{892F53E0-E4AA-4D2E-9106-7AA4B9FE8680}/GPT.INI (Mon Mar 13 18:17:44 2017) [[sssd[gpo_child[19195]]]] [copy_smb_file_to_gpo_cache] (0x0020): smbc_getFunctionOpen failed [13][Permission denied] (Mon Mar 13 18:17:44 2017) [[sssd[gpo_child[19195]]]] [perform_smb_operations] (0x0020): copy_smb_file_to_gpo_cache failed [13][Permission denied] (Mon Mar 13 18:17:44 2017) [[sssd[gpo_child[19195]]]] [main] (0x0020): perform_smb_operations failed.[13][Permission denied]. (Mon Mar 13 18:17:44 2017) [[sssd[gpo_child[19195]]]] [main] (0x0020): gpo_child failed! It might be a bug in libsmbclient or wrong usage of libsmbclient by sssd. Anyway we need to prepare simpler reproducer if we want to reassign to samba
Metadata Update from @jhrozek: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1431870
It is possible that bug is in libsmbclient
Metadata Update from @lslebodn: - Issue assigned to mzidek - Issue priority set to: 2
The problem was in the test. It was setting the workgroup in smb.conf to an empty value, which is a configuration error. Closing this issue.
Metadata Update from @mzidek: - Issue close_status updated to: Invalid - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4377
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.