Hi Rolf, I sincerely apologise for causing this regression, it seems my testing was not good enough during the recent SRU.
I recently made a change to adcli in bug 1868703 to add the --use-ldaps flag, so adcli can communicate with a domain controller over LDAPS. It also introduced a change where it will use GSS-SPENGO by default, and enforce channel signing, over doing everything in cleartext, which was the old default. The good news is that it seems to be limited to Bionic only, and even though Focal got the exact same patches, Focal seems unaffected. For anyone experiencing this bug, you can downgrade to a working adcli with: $ sudo apt install adcli=0.8.2-1 I am working to fix this now. Comparison of logging and packet traces from various versions: Bionic adcli 0.8.2-1 https://paste.ubuntu.com/p/NWHGQn746D/ Bionic adcli 0.8.2-1ubuntu1 https://paste.ubuntu.com/p/WRnnRMGBPm/ Focal adcli 0.9.0-1ubuntu0.20.04.1 https://paste.ubuntu.com/p/8668pJrr2m/ We can see that Bionic 0.8.2-1ubuntu1 stops at Couldn't lookup computer account: BIONIC$: Can't contact LDAP server Starting debugging now. Will update soon. ** Changed in: adcli (Ubuntu) Status: Confirmed => Fix Released ** Changed in: adcli (Ubuntu Bionic) Status: New => In Progress ** Changed in: adcli (Ubuntu Bionic) Importance: Undecided => High ** Changed in: adcli (Ubuntu Bionic) Assignee: (unassigned) => Matthew Ruffell (mruffell) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1906627 Title: adcli fails, can't contact LDAP server To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adcli/+bug/1906627/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
