Getting new "DN is out of the realm subtree" error on adding principal
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
krb5 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Recently applied security update to 14.04.5 LTS kerberos (1.12+dfsg-
Obfuscated example:
kadmin.local -q "ank -x dn=\"uid=
now gives:
Authenticating as principal <email address hidden> with password.
NOTICE: no policy specified for <email address hidden>; assigning "default"
add_principal: DN is out of the realm subtree while creating "<email address hidden>".
This worked up through 1.12+dfsg-
I'm going to attempt a downgrade to 1.12+dfsg-
Changed in krb5 (Ubuntu Trusty): | |
status: | New → Triaged |
Changed in krb5 (Ubuntu): | |
status: | Confirmed → Fix Released |
Yes, it is because of that change.
is the dn outside of the subtree?