Uploaded image for project: 'Facter'
  1. Facter
  2. FACT-2923

Domain on Windows should be retrieved priority from registry

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • FACT 4.0.48
    • FACT 4.0.50
    • Facter 4
    • Night's Watch
    • 1
    • NW - 2021-02-03
    • Needs Assessment
    • Bug Fix
    • Hide
      Description of the problem: Facter 4 prioritizes network interface domain names over the registry information on Windows. This is a problem because it affects how the agent determines its Puppet[:certname] and can cause agents to try to retrieve a new client certificate under a different name.

      Description of the fix: Retrieve networking domain on Windows with priority from registry.
      Show
      Description of the problem: Facter 4 prioritizes network interface domain names over the registry information on Windows. This is a problem because it affects how the agent determines its Puppet[:certname] and can cause agents to try to retrieve a new client certificate under a different name. Description of the fix: Retrieve networking domain on Windows with priority from registry.
    • Needs Assessment

    Description

      Facter 4.0.48 (in Pull Request 2245) resolved a regression in gem-based Facter 4.0.x that did not check for domain name in registry on Windows machines (filed as FACT-2882).

      This resolution however prioritizes network interface domain names in favor of the registry information. Puppet 6 and Facter 3 prioritized the registry entries, so this is a regression (or at least, a notable change in behavior).

      This is important for domain-joined machines, which store their domain name information in the registry. They may have a network interface with a different domain name received over DHCP, which may be hard to remove depending on the networking circumstances. For these machines where both network adapters have a domain name, and the registry has a domain name, if there is a mismatch, the argument is that the registry is a more safe option to default to.

      Attachments

        Issue Links

          Activity

            People

              oana.tanasoiu Oana Tanasoiu
              oana.tanasoiu Oana Tanasoiu
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support