Use the hostname shortened for AD. (#20735)

lhellebr · web-flow · commit 05b34f815cb9 · 2026-02-12T16:19:47.000+01:00
Use the hostname shortened for AD.

Otherwise, the Service ticket won't be obtained because the client won't
be found by the unshortened hostname. Remember, AD can only count to 15.
diff --git a/pytest_fixtures/component/satellite_auth.py b/pytest_fixtures/component/satellite_auth.py
@@ -441,12 +441,12 @@ def rhsso_setting_setup_with_timeout(module_target_sat, rhsso_setting_setup):
 
 @pytest.fixture(scope='module')
 def module_enroll_ad_and_configure_external_auth(ad_data, module_target_sat):
-    module_target_sat.enroll_ad_and_configure_external_auth(ad_data)
+    return module_target_sat.enroll_ad_and_configure_external_auth(ad_data)
 
 
 @pytest.fixture
 def func_enroll_ad_and_configure_external_auth(ad_data, target_sat):
-    target_sat.enroll_ad_and_configure_external_auth(ad_data)
+    return target_sat.enroll_ad_and_configure_external_auth(ad_data)
 
 
 @pytest.fixture
diff --git a/robottelo/hosts.py b/robottelo/hosts.py
@@ -2486,6 +2486,7 @@ def enroll_ad_and_configure_external_auth(self, ad_data):
 
         :param ad_data: Callable method that returns AD server details
         :type ad_data: Callable
+        :return: New Satellite hostname if hostname changed, otherwise None
         """
         ad_data = ad_data()
         version_dependent = (
@@ -2529,6 +2530,7 @@ def enroll_ad_and_configure_external_auth(self, ad_data):
         # if this is an IPv6 machine, we'll probably get a hostname
         # that is TOOOO LOOOONG for Active Directory which can only count to 15
         hostname_changed = False
+        new_fqdn = None
         if self.network_type == NetworkType.IPV6:
             original_shortname = self.execute('hostname -s').stdout.strip()
             if len(original_shortname) > 15:
@@ -2652,6 +2654,8 @@ def enroll_ad_and_configure_external_auth(self, ad_data):
             self.execute('systemctl daemon-reload && systemctl restart httpd.service').status == 0
         )
 
+        return new_fqdn
+
     def generate_inventory_report(self, org, disconnected='false'):
         """Function to perform inventory upload."""
         generate_report_task = 'ForemanInventoryUpload::Async::HostInventoryReportJob'
diff --git a/tests/foreman/destructive/test_ldap_authentication.py b/tests/foreman/destructive/test_ldap_authentication.py
@@ -254,12 +254,16 @@ def test_single_sign_on_ldap_ad_server(
 
     :BZ: 1941997
     """
+    if func_enroll_ad_and_configure_external_auth is not None:
+        url = f'{settings.server.scheme}://{func_enroll_ad_and_configure_external_auth}'
+    else:
+        url = target_sat.url
     # create the kerberos ticket for authentication
     result = target_sat.execute(f'echo {settings.ldap.password} | kinit {settings.ldap.username}')
     assert result.status == 0
-    result = target_sat.execute(f'curl -k -u : --negotiate {target_sat.url}/users/extlogin/')
+    result = target_sat.execute(f'curl -k -u : --negotiate {url}/users/extlogin/')
     assert 'redirected' in result.stdout
-    assert f'{target_sat.url}/new/hosts' in result.stdout
+    assert f'{url}/new/hosts' in result.stdout
 
 
 @pytest.mark.parametrize(
