freeipa

Clone
Source Code
GIT

f32e0e4 do not use trusted forest name to construct domain admin principal

1 file Authored by mbabinsk 7 years ago, Committed by mbasti 7 years ago,
raw patch tree parent
1 file changed. 1 lines added. 1 lines removed.
ipaserver/plugins/trust.py
file modified
+1 -1 
    do not use trusted forest name to construct domain admin principal
    
    When `trust-add` is supplied AD domain admin name without realm component, the
    code appends the uppercased AD forest root domain name to construct the full
    principal. This can cause authentication error, however, when external trust
    with non-root domain is requested.
    
    We should instead use the supplied DNS domain name (if valid) as a realm
    component.
    
    https://fedorahosted.org/freeipa/ticket/6277
    
    Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
file modified
+1 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.