The test plan was executed for Jammy (22.04) and I confirm it was successful.
The package version used for the tests is the one proposed, as can be seen by
the output of apt-cache policy:
adsys:
Installed: 0.14.3~22.04
Candidate: 0.14.3~22.04
Version table:
*** 0.14.3~22.04 500
500 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 Packages
The following steps were executed:
1) Create a fresh VM with Ubuntu 22.04;
2) Join an active directory domain (created for test purposes);
3) Install adsys;
4) In the AD server, configure a GPO and then rename the Registry.pol file to
registry.pol;
- The file can be found in
\\{domain}\SYSVOL\{domain}\Policies\{policyID}\{User or Machine}
5) Authenticate on the Ubuntu client with an AD user to which the policy should
be applied;
After step 5, adsys properly resolves the lowercased registry.pol file
and correctly applies the GPO to the user.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to adsys in Ubuntu.
https://bugs.launchpad.net/bugs/2080390
Title:
[SRU] Adsys can't properly resolve registry.pol vs Regristry.pol
Status in adsys package in Ubuntu:
Fix Released
Status in adsys source package in Jammy:
Fix Committed
Status in adsys source package in Noble:
Fix Committed
Bug description:
[Impact]
adsys is only able to parse .pol files exactly named "Registry.pol".
With this, it is now able to ignore casing on the registry file and
behave more similarly to what Windows machines do (as they ignore
casing).
[Test Plan]
1. Configure a GPO in the AD controller and rename the registry file to
"registry.pol"
- File can be found at "\\domain.com\sysvol\policies\{policy-id}"
2. Install adsys and update the policies
- `adsysctl policy update --all`
3. adsys should correctly fetch and apply all policies, regardless of
the registry name format;
[Where Problems Could Occur]
Due to adsys not being able to parse these files before, some policies
that weren't applied before on the client due to this issue will be
applied now. This could cause behaviors that were unexpected by the AD
administrators (depending on how the GPOs were configured).
[Original Description]
We're conducting tests to validate Ubuntu Pro 24.04 as supported
corporate OS, we managed to integrate it with AD and fetch gpo's with
adsys, however our domain controllers sends some GPO's in a file named
`Registry.pol` which is what adsys expects[2], while other policies
come as `registry.pol` which adsys doesn't read[3].
If I create a symlink from registry.pol to Registry.pol the GPO is
applied fine.:
root@deskun:/var/cache/adsys/sysvol/Policies/{8C89C929-97A5-4B64-BD71-E56B91D56A16}/User#
ls -l
total 12
lrwxrwxrwx 1 root root 12 Sep 5 19:48 Registry.pol -> registry.pol
-rw------- 1 root root 552 Sep 5 19:36 comment.cmtx
-rw------- 1 root root 4960 Sep 5 19:36 registry.pol
[2]
https://github.com/ubuntu/adsys/blob/5dc6cd8707b8b0c597fd01e9525ae9bcc668c217/internal/ad/ad.go#L513
[3]: level=debug msg="github.com/ubuntu/adsys/internal/ad/ad.go:527
(*AD).parseGPOs.func1() Policy \"Workstations - Piloto Ubuntu\"
doesn't have any policy for class \"user\" open
/var/cache/adsys/sysvol/Policies/{8C89C929-97A5-4B64-BD71-E56B91D56A16}/User/Registry.pol:
no such file or directory"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2080390/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
