| 2020-09-01 13:31:49 |
Andreas Hasenack |
bug |
|
|
added bug |
| 2020-09-02 12:46:57 |
Andreas Hasenack |
summary |
Apply some useful unreleased fixes |
Apply some useful unreleased changes |
|
| 2020-09-02 12:47:00 |
Andreas Hasenack |
description |
We should cherry-pick these fixes:
a) Use GSS-SPNEGO if available
Currently adcli uses the GSSAPI SASL mechanism for LDAP authentication
and to establish encryption. While this works in general it does not
handle some of the more advanced features which can be required by AD
DCs.
The GSS-SPNEGO mechanism can handle them and is used with this patch by
adcli if the AD DC indicates that it supports it.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1762420
https://gitlab.freedesktop.org/realmd/adcli/commit/a6f795ba3d6048b32d7863468688bf7f42b2cafd
b) add option use-ldaps
In general using the LDAP port with GSS-SPNEGO should satifiy all
requirements an AD DC should have for authentication on an encrypted
LDAP connection.
But if e.g. the LDAP port is blocked by a firewall using the LDAPS port
with TLS encryption might be an alternative. For this use case the
--use-ldaps option is added.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1762420
https://gitlab.freedesktop.org/realmd/adcli/-/commit/85097245b57f190337225dbdbf6e33b58616c092 |
We should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342 |
|
| 2020-09-02 12:51:51 |
Andreas Hasenack |
summary |
Apply some useful unreleased changes |
[FFe]: apply some useful upstream changes |
|
| 2020-09-02 12:55:05 |
Andreas Hasenack |
description |
We should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342 |
We should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
"""
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
The above is an optional new parameter to the join and update commands. I tested it with an actual AD server (windows 2019).
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
"""
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
This is a new command to show details about a computer account in AD, like OS, OS version, description (added by (a) above) and others. I also tested it with a live AD windows 2019 server.
Both new parameters or commands are not used by the realm tool, from the realmd package, so there is no risk of regression there. |
|
| 2020-09-02 12:55:48 |
Andreas Hasenack |
description |
We should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
"""
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
The above is an optional new parameter to the join and update commands. I tested it with an actual AD server (windows 2019).
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
"""
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
This is a new command to show details about a computer account in AD, like OS, OS version, description (added by (a) above) and others. I also tested it with a live AD windows 2019 server.
Both new parameters or commands are not used by the realm tool, from the realmd package, so there is no risk of regression there. |
As part of our roadmap commitment to better support integration with Active Directory, and since adcli was recently moved to main, we should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
"""
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
The above is an optional new parameter to the join and update commands. I tested it with an actual AD server (windows 2019).
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
"""
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
This is a new command to show details about a computer account in AD, like OS, OS version, description (added by (a) above) and others. I also tested it with a live AD windows 2019 server.
Both new parameters or commands are not used by the realm tool, from the realmd package, so there is no risk of regression there. |
|
| 2020-09-02 12:56:00 |
Andreas Hasenack |
bug |
|
|
added subscriber Ubuntu Release Team |
| 2020-09-02 12:56:32 |
Andreas Hasenack |
description |
As part of our roadmap commitment to better support integration with Active Directory, and since adcli was recently moved to main, we should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
"""
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
The above is an optional new parameter to the join and update commands. I tested it with an actual AD server (windows 2019).
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
"""
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
This is a new command to show details about a computer account in AD, like OS, OS version, description (added by (a) above) and others. I also tested it with a live AD windows 2019 server.
Both new parameters or commands are not used by the realm tool, from the realmd package, so there is no risk of regression there. |
As part of our roadmap commitment to better support integration with Active Directory, and since adcli was recently moved to main, we should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
"""
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
The above is an optional new parameter to the join and update commands. I tested it with an actual AD server (windows 2019).
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
"""
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
This is a new command to show details about a computer account in AD, like OS, OS version, description (added by (a) above) and others. I also tested it with a live AD windows 2019 server.
Both new parameters or commands are not used by the realm tool, from the realmd package, so there is no risk of regression there.
PPA with test builds: https://launchpad.net/~ahasenack/+archive/ubuntu/adcli-fixes |
|
| 2020-09-02 12:57:10 |
Andreas Hasenack |
description |
As part of our roadmap commitment to better support integration with Active Directory, and since adcli was recently moved to main, we should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
"""
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
The above is an optional new parameter to the join and update commands. I tested it with an actual AD server (windows 2019).
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
"""
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
This is a new command to show details about a computer account in AD, like OS, OS version, description (added by (a) above) and others. I also tested it with a live AD windows 2019 server.
Both new parameters or commands are not used by the realm tool, from the realmd package, so there is no risk of regression there.
PPA with test builds: https://launchpad.net/~ahasenack/+archive/ubuntu/adcli-fixes |
As part of our roadmap commitment to better support integration with Active Directory, and adcli was recently moved to main as a result of that, we should cherry-pick these changes which introduce new useful funcionality:
a) https://gitlab.freedesktop.org/realmd/adcli/-/commit/3937a2a7db90611aa7a93248233b0c5d31e85a3e
"""
add description option to join and update
This new option allows to set the description LDAP attribute for the AD
computer object.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
The above is an optional new parameter to the join and update commands. I tested it with an actual AD server (windows 2019).
b) https://gitlab.freedesktop.org/realmd/adcli/-/commit/0a169bd9b2687293f74bb57694eb82f9769610c9
"""
tools: add show-computer command
The show-computer command prints the LDAP attributes of the related
computer object from AD.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1737342
"""
This is a new command to show details about a computer account in AD, like OS, OS version, description (added by (a) above) and others. I also tested it with a live AD windows 2019 server.
Both new parameters or commands are not used by the realm tool, from the realmd package, so there is no risk of regression there.
PPA with test builds: https://launchpad.net/~ahasenack/+archive/ubuntu/adcli-fixes |
|
| 2020-09-09 14:53:28 |
Andreas Hasenack |
merge proposal linked |
|
https://code.launchpad.net/~ahasenack/ubuntu/+source/adcli/+git/adcli/+merge/390164 |
|
| 2020-09-28 08:21:09 |
Ćukasz Zemczak |
adcli (Ubuntu): status |
New |
Triaged |
|
| 2020-09-28 16:29:51 |
Launchpad Janitor |
adcli (Ubuntu): status |
Triaged |
Fix Released |
|
