Hi Tobias, Thorstein, and anyone who is after a backport of these patches, I have completed backporting the below patches to the Bionic and Focal adcli and sssd packages, and I am looking for some help with testing. If you have some spare time, a Windows Active Directory server available, and some test Ubuntu machines, I would really appreciate help ensuring these test packages work as expected.
Source code / debdiffs for the test sssd and adcli packages are below if you are interested: Focal: sssd: https://paste.ubuntu.com/p/JCVcV26RS2/ adcli: https://paste.ubuntu.com/p/RSqSWdCYQH/ Bionic: sssd: https://paste.ubuntu.com/p/vcyYnjVdg7/ adcli: https://paste.ubuntu.com/p/SVpHZc59pq/ Please note, these test packages are NOT SUPPORTED by Canonical, and are for TEST PURPOSES ONLY. ONLY install in a dedicated test environment. Instructions to install (on a bionic or focal system): 1) sudo add-apt-repository ppa:mruffell/sf294530-test 2) sudo apt update 3) sudo apt install adcli sssd 4) sudo apt-cache policy adcli | grep Installed Installed: 0.9.0-1ubuntu0+sf294530v20201013b1 // for focal Installed: 0.8.2-1ubuntu0+sf294530v20201019b1 // for bionic 5) sudo apt-cache policy sssd | grep Installed Installed: 2.2.3-3ubuntu0+sf294530v20201012b1 // for focal Installed: 1.16.1-1ubuntu1.6+sf294530v20201021b1 // for bionic Please let me know if these test packages work as expected in regards to the "ad_use_ldaps" flag, or if you run into any problems. List of commits backported are below: adcli ===== For both Bionic and Focal: -------------------------- commit a6f795ba3d6048b32d7863468688bf7f42b2cafd Author: Sumit Bose <[email protected]> Date: Fri Oct 11 16:39:25 2019 +0200 Subject: Use GSS-SPNEGO if available Link: https://gitlab.freedesktop.org/realmd/adcli/-/commit/a6f795ba3d6048b32d7863468688bf7f42b2cafd commit 85097245b57f190337225dbdbf6e33b58616c092 Author: Sumit Bose <[email protected]> Date: Thu Dec 19 07:22:33 2019 +0100 Subject: add option use-ldaps Link: https://gitlab.freedesktop.org/realmd/adcli/-/commit/85097245b57f190337225dbdbf6e33b58616c092 sssd ==== Bionic only (dependency) ------------------------ commit 070f22f896b909c140ed7598aed2393d61a834ae Author: Sumit Bose <[email protected]> Date: Tue May 21 10:22:04 2019 +0200 Subject: sdap: inherit SDAP_SASL_MECH if not set explicitly Link: https://github.com/SSSD/sssd/commit/070f22f896b909c140ed7598aed2393d61a834ae For Bionic and Focal: --------------------- commit 090cf77a0fd5f300a753667658af3ed763a88e83 Author: Sumit Bose <[email protected]> Date: Thu Sep 26 20:24:34 2019 +0200 Subject: ad: allow booleans for ad_inherit_opts_if_needed() Link: https://github.com/SSSD/sssd/commit/090cf77a0fd5f300a753667658af3ed763a88e83 commit 341ba49b0deb42e17d535744824786c2499656b7 Author: Sumit Bose <[email protected]> Date: Thu Sep 26 20:27:09 2019 +0200 Subject: ad: add ad_use_ldaps Link: https://github.com/SSSD/sssd/commit/341ba49b0deb42e17d535744824786c2499656b7 commit 78649907b81b4bdaf8fc6a6e6ae55ed3cd5419f5 Author: Sumit Bose <[email protected]> Date: Fri Sep 27 11:49:59 2019 +0200 Subject: ldap: add new option ldap_sasl_maxssf Link: https://github.com/SSSD/sssd/commit/78649907b81b4bdaf8fc6a6e6ae55ed3cd5419f5 commit 24387e19f065e6a585b1120d5568cb4df271d102 Author: Sumit Bose <[email protected]> Date: Fri Sep 27 13:45:13 2019 +0200 Subject: ad: set min and max ssf for ldaps Link: https://github.com/SSSD/sssd/commit/24387e19f065e6a585b1120d5568cb4df271d102 Thanks, Matthew -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1868703 Title: Support new AD requirements (ADV190023) To manage notifications about this bug go to: https://bugs.launchpad.net/cyrus-sasl2/+bug/1868703/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
