Ubuntu
sssd package

LDAP ping doesn't prefers site-local DCS

Bug #1587988 reported by Jorge Niedbalski
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sssd (Ubuntu)
Fix Released
Medium
Unassigned
Trusty
Fix Released
Medium
Unassigned
Wily
Won't Fix
Medium
Unassigned
Xenial
Fix Released
Medium
Unassigned
Yakkety
Fix Released
Medium
Unassigned

Bug Description

[Description]

If an active directory domain has any domain controllers defined that are not accesible
from a specific location, then sssd should prefer site-local DCs in LDAP ping.

This behavior has been fixed on upstream via:
https://git.fedorahosted.org/cgit/sssd.git/commit/?id=a1c6869c67fcf4971ac843315b97bf46893ca92d

[Reproduction]

[Possible regressions]

* None identified

Jorge Niedbalski (niedbalski)
Changed in sssd (Ubuntu):
status: New → Fix Released
importance: Undecided → High
tags: added: sts-needs-review
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

fixed in 1.13.4 which is in xenial

and I'd say "screw wily" at this point..

Changed in sssd (Ubuntu Xenial):
status: New → Fix Released
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

On which release did you bump into this? The upstream commit is not directly backportable to 1.11.x in trusty, btw.

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

(fails to build)

Revision history for this message
Jorge Niedbalski (niedbalski) wrote :
Changed in sssd (Ubuntu Trusty):
importance: Undecided → High
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

Thanks, fwiw the upload queue has 1.11.8-0ubuntu0.1 which noone has dared to accept yet. It doesn't fix this though

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

I've added the patches and uploaded a new version to trusty queue

Changed in sssd (Ubuntu Trusty):
status: New → In Progress
Revision history for this message
Timo Aaltonen (tjaalton) wrote : Please test proposed package

Hello Jorge, or anyone else affected,

Accepted sssd into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/sssd/1.11.8-0ubuntu0.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in sssd (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
Revision history for this message
Martin Pitt (pitti) wrote :

Hello Jorge, or anyone else affected,

Accepted sssd into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/sssd/1.11.8-0ubuntu0.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

still needs to be tested..

Revision history for this message
Leonardo Borda (lborda) wrote :

Hi Timo,

As per the comment #9 the packages should be in -proposed but they are not there. I can see them in https://launchpad.net/ubuntu/+source/sssd/1.11.8-0ubuntu0.2/+build/10197654 though...

Can you make it available in -proposed ?

Leo

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

oh you're right, it adds a new binary package so it's stuck in the NEW queue now.. I can't do anything about that myself

Revision history for this message
Leonardo Borda (lborda) wrote :

the proposed packages fix the site discovery issue however we still cannot get the packages from http://archive.ubuntu.com/ubuntu/pool/universe/s/sssd/.

Adam Conrad (adconrad)
Changed in sssd (Ubuntu Wily):
status: New → Won't Fix
Revision history for this message
Jorge Niedbalski (niedbalski) wrote :

The package in the -proposed archive fixes the issue with SSSD now it properly discovers both servers by setting the ad_site option directive.

tags: added: verification-done
removed: sts-needs-review verification-needed
Revision history for this message
Leonardo Borda (lborda) wrote :

Still sitting in trusty-proposed can we proceed on making available for trusty ?

The package in the -proposed archive fixes the issue with SSSD.

$ rmadison sssd |grep trusty
 sssd | 1.11.5-1ubuntu3 | trusty | source, amd64, arm64, armhf, i386, powerpc, ppc64el
 sssd | 1.11.8-0ubuntu0.2 | trusty-proposed | source, amd64, arm64, armhf, i386, powerpc, ppc64el

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

right, it's been there for a long while now, I've now verified the two unverified bugs that the new version should fix, so this should allow the package to move to updates

Mathew Hodson (mhodson)
Changed in sssd (Ubuntu Wily):
importance: Undecided → High
Changed in sssd (Ubuntu Xenial):
importance: Undecided → High
Mathew Hodson (mhodson)
Changed in sssd (Ubuntu Yakkety):
importance: High → Medium
Changed in sssd (Ubuntu Wily):
importance: High → Medium
Changed in sssd (Ubuntu Xenial):
importance: High → Medium
Changed in sssd (Ubuntu Trusty):
importance: High → Medium
Revision history for this message
Martin Pitt (pitti) wrote : Update Released

The verification of the Stable Release Update for sssd has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sssd - 1.11.8-0ubuntu0.2

---------------
sssd (1.11.8-0ubuntu0.2) trusty; urgency=medium

  * control: Drop check from build-depends (ftbfs).

sssd (1.11.8-0ubuntu0.1) trusty; urgency=medium

  * New upstream bugfix release. (LP: #1443802, #1453253, #1456498,
    #1578191, #1585698)
    - fix-samba4-crash.patch: Dropped, upstream.
    - sssd-dbus: Add a new subpackage for the D-Bus responder.
    - sssd-common.install, sssd-dbus.install: Add new sss_signal helper
      and the dbus service using it.
  * fix-upstream-2620.diff: Set sdap handle as explicitly connected in
    LDAP auth. (LP: #1519086)
  * debian/patches/AD-*.diff: Prefer site-local-DCs in LDAP ping, thanks
    Jorge Niedbalski! (LP: #1587988)

 -- Timo Aaltonen <email address hidden> Thu, 30 Jun 2016 23:51:51 +0300

Changed in sssd (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.