** Description changed: Binary package hint: likewise-open 1/ lsb_release -rd: Description: Ubuntu 10.04 LTS Release: 10.04 2/ apt-cache policy likewise-open likewise-open: - Installed: 5.4.0.42111-2ubuntu1 - Candidate: 5.4.0.42111-2ubuntu1 - Version table: - *** 5.4.0.42111-2ubuntu1 0 - 500 http://be.archive.ubuntu.com/ubuntu/ lucid/main Packages - 100 /var/lib/dpkg/status + Installed: 5.4.0.42111-2ubuntu1 + Candidate: 5.4.0.42111-2ubuntu1 + Version table: + *** 5.4.0.42111-2ubuntu1 0 + 500 http://be.archive.ubuntu.com/ubuntu/ lucid/main Packages + 100 /var/lib/dpkg/status 3/ After a do-release-upgrade from 9.10 server to 10.04, I expected my ActiveDirectory logins to still work as expected... 4/ ...unfortunately, the upgrade mangled some settings and the ActiveDirectory logins were not possible anymore I found out that the "require-membership-of" setting of /etc/likewise- open5/lsassd.conf was not correctly transferred to the new "RequireMembershipOf" registry key. More precisely, the setting: - require-membership-of = DOMAIN\group1,DOMAIN\group2 + require-membership-of = DOMAIN\group1,DOMAIN\group2 became: - "RequireMembershipOf" "DOMAINgroup1,DOMAINgroup2" + "RequireMembershipOf" "DOMAINgroup1,DOMAINgroup2" instead of: - "RequireMembershipOf" "DOMAIN\\group1" "DOMAIN\\group2" + "RequireMembershipOf" "DOMAIN\\group1" "DOMAIN\\group2" Thus, the following procedure (partially) resolved the issue: - sudo lwregshell - cd HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory - set_value "RequireMembershipOf" "DOMAIN\\group1" "DOMAIN\\group2" - <ctrl-D> + sudo lwregshell + cd HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory + set_value "RequireMembershipOf" "DOMAIN\\group1" "DOMAIN\\group2" + <ctrl-D> - sudo lw-refresh-configuration + sudo lw-refresh-configuration (I say "partially" because now I'm forced to use keyboard-interactive authentication when connecting with PuTTY. But I suppose it's another bug I have to track... :-| ) + + + IMPACT STATEMENT + ================ + + Users cannot rely on lwregshell to correctly import values from the .reg + files, leading to unpredictable and possibly undesirable results. + + + TEST CASE + ========= + + 1. set RequireMembershipOf to desired groups in /etc/likewise-open/lsassd.reg + 2. import into registry + 3. inspect registry values + + grep "Membership" /etc/likewise-open/lsassd.reg + "RequireMembershipOf"=sza:"EXAMPLE\\test^users" + # lwregshell import /etc/likewise-open/lsassd.reg + # lw-refresh-configuration + # lwregshell + # + + "RequireMembershipOf" REG_MULTI_SZ[0] + "EXAMPLEtest^users" + + + Note improper import of '\\' characters.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/574443 Title: likewise-open5 upgrade mangles RequireMembershipOf settings -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
