#3479 ipa-adtrust-install should remove smba's credential cache file and restart winbind
Closed: Fixed None Opened 11 years ago by sbose.

Restart winbind:

Currently winbind is started at the end of ipa-adtrust-install in the __start() method, but is not stopped at the beginning of ipa-adtrust-install in the __stop() method.

Remove samba's credential cache:

I think it would be useful to remove the the credential cache file of samba /var/run/samba/krb5cc_samba before samba and winbind are started in ipa-adtrust-install. This is typically not necessary in production enviroments, but might be good to have a clean environment after reconfiguration. Additionally it would be helpful for testing environments were FreeIPA is reinstalled regular.


It looks like on uninstall the keytab is also left in /etc/samba/samba.keytab and the tdb files in /var/lib/samba.

Rename "trusts" component to "Trusts" to achieve correct sorting.

Tomas found out that AD CI tests being run on one machine may fail because of the uninstalled samba files. This means we will need to fix this ticket sooner than expected.

Tomas, please work with Alexander on defining what needs to be cleaned up.

master:[[BR]]
ed3d184 adtrustinstance: Move attribute definitions from setup to init method[[BR]]
d769b12 adtrustinstance: Properly handle uninstall of AD trust instance[[BR]]
45e310e ipa-adtrust-install: Add warning that we will break existing samba configuration[[BR]]
4a95a50 ipa-upgradeconfig: Remove backed up smb.conf[[BR]]

ipa-3-3:[[BR]]
1b13a95 adtrustinstance: Move attribute definitions from setup to init method[[BR]]
be7dbd2 adtrustinstance: Properly handle uninstall of AD trust instance[[BR]]
f369368 ipa-adtrust-install: Add warning that we will break existing samba configuration[[BR]]
2c4928f ipa-upgradeconfig: Remove backed up smb.conf[[BR]]

Metadata Update from @sbose:
- Issue assigned to tbabej
- Issue set to the milestone: FreeIPA 3.3.x - 2013/10 (bug fixing)

7 years ago

ipa-4-9:

  • 8c52050 ipatests: ipa-adtrust-install command test scenarios

Login to comment on this ticket.

Metadata