Comment 0 for bug 574443

Revision history for this message
Georges Martin (jrjsmrtn) wrote :

Binary package hint: likewise-open

1/ lsb_release -rd:
Description: Ubuntu 10.04 LTS
Release: 10.04

2/ apt-cache policy likewise-open
likewise-open:
  Installed: 5.4.0.42111-2ubuntu1
  Candidate: 5.4.0.42111-2ubuntu1
  Version table:
 *** 5.4.0.42111-2ubuntu1 0
        500 http://be.archive.ubuntu.com/ubuntu/ lucid/main Packages
        100 /var/lib/dpkg/status

3/ After a do-release-upgrade from 9.10 server to 10.04, I expected my ActiveDirectory logins to still work as expected...

4/ ...unfortunately, the upgrade mangled some settings and the ActiveDirectory logins were not possible anymore

I found out that the "require-membership-of" setting of /etc/likewise-open5/lsassd.conf was not correctly transferred to the new "RequireMembershipOf" registry key.

More precisely, the setting:

    require-membership-of = DOMAIN\group1,DOMAIN\group2

became:

    "RequireMembershipOf" "DOMAINgroup1,DOMAINgroup2"

instead of:

    "RequireMembershipOf" "DOMAIN\\group1" "DOMAIN\\group2"

Thus, the following procedure (partially) resolved the issue:

    sudo lwregshell
        cd HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory
 set_value "RequireMembershipOf" "DOMAIN\\group1" "DOMAIN\\group2"
 <ctrl-D>

    sudo lw-refresh-configuration

(I say "partially" because now I'm forced to use keyboard-interactive authentication when connecting with PuTTY. But I suppose it's another bug I have to track... :-| )