On Mon, 2011-09-12 at 17:53 +0200, Sumit Bose wrote: [..] > > > I can now run 'smbclient -k -L' on my test system wit hthe recent samba > patch.
Sorry a couple more nitpicks. Trying to reinstall ipa-adtrust-install it returned immediately with "Aborting Installation" and no explanation whatsoever. Turned out it saw there was the IPA autogenerated text in smb.conf and decided to get out. - 2 issues here: 1) no information (I had to check the code to see what reported that error message), so we need a reason nif we abort. 2) In interactive mode we should ask if we want to proceed anyway I think (to make it simpler to test it on an already enabled tree), but can be convinced it is safer to just abort. - Once I fixed that by removing smb.conf and all tdbs to be sure, it failed because smb.conf was not found, we should not require to find it if we are going to wipe it anyway. If it is not there we should just go on and create one. - Then it correctly detected the samba sysaccount user existed and decided not to reset the password. Not sure why, if we proceeed and reset the password in both ldap and secrets.tdb we are sure they are the same, if we don't we just risk having no password (I wiped out secrets.tdb and running ipa-adtruct-install again is the fastest way to get that restered). I think you should always reset that password. - The installation also failed because the service entry under the master entry already existed. We should probably ignore and proceed, in case of existing object. Not fail. Except for these points I had to set SELinux in permissive mode in order to run the epmd, we need to track SELinux changes in a ticket I think. I wasn't able to test smbclient -k yes due to another bug in smbd but the install seem fine so far, and I was able to get a ticket for cifs/ w/o any issue, and auth seemed to work. So if the nitpicks above get fixed it should be the last revision. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
