Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1261485
Description of problem: Need command to display SID blacklists [incoming/outgoing] Version-Release number of selected component (if applicable): How reproducible:Always Steps to Reproduce: 1. Login to IPA server 2. sudo ipa-adtrust-install 3. Ensure that the trust is established successfully. 4. Check the output Actual results: 4. When the trust is added successfully the output displays both incoming/outgoing SID's [root@ipaserver ~]# ipa trust-add Realm name: testqa.in Active Directory domain administrator: administrator Active Directory domain administrator's password: -------------------------------------------------- Added Active Directory trust for realm "testqa.in" -------------------------------------------------- Realm name: testqa.in Domain NetBIOS name: TESTQA Domain Security Identifier: S-1-5-21-1521174288-3006602325-1802481311 SID blacklist incoming: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17, S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19, S-1-5-18 SID blacklist outgoing: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5,S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17, S-1-5-16, S-1-5-15, S-1-5-14,S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19, S-1-5-18 Trust direction: Trusting forest Trust type: Active Directory domain Trust status: Established and verified Expected results: 1. The SID's are shown only when the trust is added and if we want to check the SID using command line there is no such command line option except seeing it in the web ui. 2. 'ipa trust-show' command can include the output for SID's. Hence logging the RFE for command line tool. Additional info:
Metadata Update from @pvoborni: - Issue assigned to someone - Issue set to the milestone: FreeIPA 4.5 backlog
Login to comment on this ticket.