I am on LOA for work until 9/18. I'll check when I return to work that day and follow up with you.
On Wed, Sep 13, 2023, 9:51 AM Gabriel Nagy <2024...@bugs.launchpad.net> wrote: > Hello, > > The issues described for 22.10 and 23.04 were fixed by > https://github.com/ubuntu/adsys/pull/699 and are available since adsys > v0.12.0. However this is only available in Mantic which is not yet > released. > > For the "invalid argument" issue encountered in 22.04, could you confirm > the version of the installed libsmbclient library in 22.04? > > Thanks > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/2024377 > > Title: > Adsys can't fetch GPOs > > Status in adsys package in Ubuntu: > Confirmed > > Bug description: > Bad, maybe no understandable english ahead. > > Can't find anything related to this on Github, Canonical Forums, > Reddit or StackOverflow. > > On Ubuntu 22.04, I've followed the Wiki tutorial and verified all > steps on Integration Ubuntu Desktop whitepaper. Currently using SSSD > backend, I can log with Active Directory users however when adsys is > installed I can't fetch GPOs. In this version the error is: > > ERROR Error from server: error while updating policy: can't get > policies for "ubuntu": can't download all gpos and assets: one or more > error while fetching GPOs and assets: can't download "ubuntuRoot": > can't check if ubuntuRoot needs refreshing: no GPT.INI file: cannot > open > smb:// > addc01.domain.com.br/SysVol/domain.com.br/Policies/{DF072E7E-6F2F-46D1-A90F-699415F72F2E}/GPT.INI > <http://addc01.domain.com.br/SysVol/domain.com.br/Policies/%7BDF072E7E-6F2F-46D1-A90F-699415F72F2E%7D/GPT.INI> > : > invalid argument > > It happens when using "adsysctl update -m" or "adsysctl update > usern...@domain.com.br /tmp/krb5c_getentId_randomdnumber" and just > "adsysctl update" too. > > I've upgrade the machine to 22.10 and the error changed to: > > ERROR Error from server: error while updating policy: can't get policies > for "ubuntu": failed to retrieve the list of GPO (exited with 1): exit > status 1 > Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER > Failed to connect to 'ldap://addc01.domain.com.br' with backend 'ldap': > LDAP client internal error: NT_STATUS_INVALID_PARAMETER > Failed to open session: (1, 'LDAP client internal error: > NT_STATUS_INVALID_PARAMETER'). > > After upgrade to 23.04 the error persist same as the above. > > Full info 22.04 (-vvvv verbose): > > INFO No configuration file: Config File "adsys" Not Found in > "[/home/jzprates /root /etc /usr/sbin]". > We will only use the defaults, env variables or flags. > DEBUG Connecting as [[2504:109556]] > DEBUG New request /service/UpdatePolicy > DEBUG Requesting with parameters: IsComputer: true, All: false, Target: > ubuntu, Krb5Cc: > DEBUG NormalizeTargetName for "ubuntu", type "computer" > DEBUG Check if grpc request peer is authorized > DEBUG Authorized as being administrator > DEBUG GetPolicies for "ubuntu", type "computer" > DEBUG Getting gpo list with arguments: "--objectclass computer ldap:// > addc01.domain.com.br ubuntu" > DEBUG GPO "ubuntuRoot" for "ubuntu" available at "smb:// > addc01.domain.com.br/SysVol/domain.com.br/Policies/{DF072E7E-6F2F-46D1-A90F-699415F72F2E} > <http://addc01.domain.com.br/SysVol/domain.com.br/Policies/%7BDF072E7E-6F2F-46D1-A90F-699415F72F2E%7D> > " > DEBUG Analyzing "assets" > DEBUG Analyzing "ubuntuRoot" > INFO No assets directory with GPT.INI file found on AD, skipping assets > download > ERROR Error from server: error while updating policy: can't get policies > for "ubuntu": can't download all gpos and assets: one or more error while > fetching GPOs and assets: can't download "ubuntuRoot": can't check if > ubuntuRoot needs refreshing: no GPT.INI file: cannot open smb:// > addc01.domain.com.br/SysVol/domain.com.br/Policies/{DF072E7E-6F2F-46D1-A90F-699415F72F2E}/GPT.INI > <http://addc01.domain.com.br/SysVol/domain.com.br/Policies/%7BDF072E7E-6F2F-46D1-A90F-699415F72F2E%7D/GPT.INI>: > invalid argument > > Full info 23.04 (-vvvv verbose): > > INFO No configuration file: Config File "adsys" Not Found in > "[/home/jzprates /root /etc /usr/sbin]". > DEBUG Connecting as [[58811:006019]] > DEBUG New request /service/UpdatePolicy > DEBUG Requesting with parameters: IsComputer: true, All: false, Target: > ubuntu, Krb5Cc: > DEBUG NormalizeTargetName for "ubuntu", type "computer" > DEBUG Check if grpc request peer is authorized > DEBUG Authorized as being administrator > DEBUG GetPolicies for "ubuntu", type "computer" > DEBUG Getting gpo list with arguments: "--objectclass computer ldap:// > addc01.domain.com.br ubuntu" > ERROR Error from server: error while updating policy: can't get policies > for "ubuntu": failed to retrieve the list of GPO (exited with 1): exit > status 1 > Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER > Failed to connect to 'ldap://addc01.domain.com.br' with backend 'ldap': > LDAP client internal error: NT_STATUS_INVALID_PARAMETER > Failed to open session: (1, 'LDAP client internal error: > NT_STATUS_INVALID_PARAMETER') > > Additional info: > > Domain Controller and machine are on the same subnet without firewall on > any level; > Domain Controller is a Windows Server 2019 updated to the last security > version; > Both machine and user are on the same OU with "no heritage" enabled and > just one policy added to permit usern...@domain.com.br to become root; > The info header directory is "/home/jzprates" on both logs because I've > collected them using the local account using "sudo adsysctl update -m > -vvvv"; > If I disable Adsys login on pam-auth-update, Ubuntu creates a homedir > and enter correctly with domain users. > > ProblemType: Bug > DistroRelease: Ubuntu 23.04 > Package: adsys 0.11.0 > ProcVersionSignature: Ubuntu 6.2.0-23.23-generic 6.2.12 > Uname: Linux 6.2.0-23-generic x86_64 > ApportVersion: 2.26.1-0ubuntu2 > Architecture: amd64 > CasperMD5CheckResult: pass > CurrentDesktop: ubuntu:GNOME > Date: Mon Jun 19 11:22:10 2023 > InstallationDate: Installed on 2023-06-13 (5 days ago) > InstallationMedia: Ubuntu 22.04.2 LTS "Jammy Jellyfish" - Release amd64 > (20230223) > RelatedPackageVersions: > sssd 2.8.1-1ubuntu1 > python3-samba 2:4.17.7+dfsg-1ubuntu1 > SourcePackage: adsys > UpgradeStatus: Upgraded to lunar on 2023-06-16 (2 days ago) > > modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf: > [deleted] > modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: > [deleted] > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2024377/+subscriptions > > -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/2024377 Title: Adsys can't fetch GPOs Status in adsys package in Ubuntu: Confirmed Bug description: Bad, maybe no understandable english ahead. Can't find anything related to this on Github, Canonical Forums, Reddit or StackOverflow. On Ubuntu 22.04, I've followed the Wiki tutorial and verified all steps on Integration Ubuntu Desktop whitepaper. Currently using SSSD backend, I can log with Active Directory users however when adsys is installed I can't fetch GPOs. In this version the error is: ERROR Error from server: error while updating policy: can't get policies for "ubuntu": can't download all gpos and assets: one or more error while fetching GPOs and assets: can't download "ubuntuRoot": can't check if ubuntuRoot needs refreshing: no GPT.INI file: cannot open smb://addc01.domain.com.br/SysVol/domain.com.br/Policies/{DF072E7E-6F2F-46D1-A90F-699415F72F2E}/GPT.INI: invalid argument It happens when using "adsysctl update -m" or "adsysctl update usern...@domain.com.br /tmp/krb5c_getentId_randomdnumber" and just "adsysctl update" too. I've upgrade the machine to 22.10 and the error changed to: ERROR Error from server: error while updating policy: can't get policies for "ubuntu": failed to retrieve the list of GPO (exited with 1): exit status 1 Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER Failed to connect to 'ldap://addc01.domain.com.br' with backend 'ldap': LDAP client internal error: NT_STATUS_INVALID_PARAMETER Failed to open session: (1, 'LDAP client internal error: NT_STATUS_INVALID_PARAMETER'). After upgrade to 23.04 the error persist same as the above. Full info 22.04 (-vvvv verbose): INFO No configuration file: Config File "adsys" Not Found in "[/home/jzprates /root /etc /usr/sbin]". We will only use the defaults, env variables or flags. DEBUG Connecting as [[2504:109556]] DEBUG New request /service/UpdatePolicy DEBUG Requesting with parameters: IsComputer: true, All: false, Target: ubuntu, Krb5Cc: DEBUG NormalizeTargetName for "ubuntu", type "computer" DEBUG Check if grpc request peer is authorized DEBUG Authorized as being administrator DEBUG GetPolicies for "ubuntu", type "computer" DEBUG Getting gpo list with arguments: "--objectclass computer ldap://addc01.domain.com.br ubuntu" DEBUG GPO "ubuntuRoot" for "ubuntu" available at "smb://addc01.domain.com.br/SysVol/domain.com.br/Policies/{DF072E7E-6F2F-46D1-A90F-699415F72F2E}" DEBUG Analyzing "assets" DEBUG Analyzing "ubuntuRoot" INFO No assets directory with GPT.INI file found on AD, skipping assets download ERROR Error from server: error while updating policy: can't get policies for "ubuntu": can't download all gpos and assets: one or more error while fetching GPOs and assets: can't download "ubuntuRoot": can't check if ubuntuRoot needs refreshing: no GPT.INI file: cannot open smb://addc01.domain.com.br/SysVol/domain.com.br/Policies/{DF072E7E-6F2F-46D1-A90F-699415F72F2E}/GPT.INI: invalid argument Full info 23.04 (-vvvv verbose): INFO No configuration file: Config File "adsys" Not Found in "[/home/jzprates /root /etc /usr/sbin]". DEBUG Connecting as [[58811:006019]] DEBUG New request /service/UpdatePolicy DEBUG Requesting with parameters: IsComputer: true, All: false, Target: ubuntu, Krb5Cc: DEBUG NormalizeTargetName for "ubuntu", type "computer" DEBUG Check if grpc request peer is authorized DEBUG Authorized as being administrator DEBUG GetPolicies for "ubuntu", type "computer" DEBUG Getting gpo list with arguments: "--objectclass computer ldap://addc01.domain.com.br ubuntu" ERROR Error from server: error while updating policy: can't get policies for "ubuntu": failed to retrieve the list of GPO (exited with 1): exit status 1 Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER Failed to connect to 'ldap://addc01.domain.com.br' with backend 'ldap': LDAP client internal error: NT_STATUS_INVALID_PARAMETER Failed to open session: (1, 'LDAP client internal error: NT_STATUS_INVALID_PARAMETER') Additional info: Domain Controller and machine are on the same subnet without firewall on any level; Domain Controller is a Windows Server 2019 updated to the last security version; Both machine and user are on the same OU with "no heritage" enabled and just one policy added to permit usern...@domain.com.br to become root; The info header directory is "/home/jzprates" on both logs because I've collected them using the local account using "sudo adsysctl update -m -vvvv"; If I disable Adsys login on pam-auth-update, Ubuntu creates a homedir and enter correctly with domain users. ProblemType: Bug DistroRelease: Ubuntu 23.04 Package: adsys 0.11.0 ProcVersionSignature: Ubuntu 6.2.0-23.23-generic 6.2.12 Uname: Linux 6.2.0-23-generic x86_64 ApportVersion: 2.26.1-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Mon Jun 19 11:22:10 2023 InstallationDate: Installed on 2023-06-13 (5 days ago) InstallationMedia: Ubuntu 22.04.2 LTS "Jammy Jellyfish" - Release amd64 (20230223) RelatedPackageVersions: sssd 2.8.1-1ubuntu1 python3-samba 2:4.17.7+dfsg-1ubuntu1 SourcePackage: adsys UpgradeStatus: Upgraded to lunar on 2023-06-16 (2 days ago) modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf: [deleted] modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2024377/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
