diff --git a/SOURCES/0001-delete-do-not-exit-if-keytab-cannot-be-read.patch b/SOURCES/0001-delete-do-not-exit-if-keytab-cannot-be-read.patch
new file mode 100644
index 0000000..15aaf07
--- /dev/null
+++ b/SOURCES/0001-delete-do-not-exit-if-keytab-cannot-be-read.patch
@@ -0,0 +1,32 @@
+From 40d3be22f6e518e4354aa7c3d0278291fcbed32f Mon Sep 17 00:00:00 2001
+From: Sumit Bose <sbose@redhat.com>
+Date: Fri, 5 Jun 2020 17:06:58 +0200
+Subject: [PATCH] delete: do not exit if keytab cannot be read
+
+Reading the keytab is not required when deleting a host object in AD. It
+is only needed in the case where the host was added with a manual set
+NetBIOS name (--computer-name option) which does not match the short
+hostname and no computer name was given at the delete-computer command
+line.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1840752
+---
+ tools/computer.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/tools/computer.c b/tools/computer.c
+index 292c4d8..a90c4b2 100644
+--- a/tools/computer.c
++++ b/tools/computer.c
+@@ -952,8 +952,6 @@ adcli_tool_computer_delete (adcli_conn *conn,
+ if (res != ADCLI_SUCCESS) {
+ warnx ("couldn't lookup domain info from keytab: %s",
+ adcli_get_last_error ());
+- adcli_enroll_unref (enroll);
+- return -res;
+ }
+
+ res = adcli_conn_connect (conn);
+--
+2.26.2
+
diff --git a/SOURCES/0001-discovery-fix.patch b/SOURCES/0001-discovery-fix.patch
new file mode 100644
index 0000000..a296f91
--- /dev/null
+++ b/SOURCES/0001-discovery-fix.patch
@@ -0,0 +1,27 @@
+From 08bac0946de29f3e5de90743ce6dfc7118d4ad20 Mon Sep 17 00:00:00 2001
+From: Sumit Bose <sbose@redhat.com>
+Date: Tue, 11 Feb 2020 17:42:03 +0100
+Subject: [PATCH] discovery fix
+
+Do not continue processing on closed connection.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1802258
+---
+ library/addisco.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/library/addisco.c b/library/addisco.c
+index 6e73ead..f3b3546 100644
+--- a/library/addisco.c
++++ b/library/addisco.c
+@@ -622,6 +622,7 @@ ldap_disco (const char *domain,
+ "Couldn't perform discovery search");
+ ldap_unbind_ext_s (ldap[i], NULL, NULL);
+ ldap[i] = NULL;
++ continue;
+ }
+
+ /* From https://msdn.microsoft.com/en-us/library/ff718294.aspx first
+--
+2.25.2
+
diff --git a/SOURCES/0001-man-move-note-to-the-right-section.patch b/SOURCES/0001-man-move-note-to-the-right-section.patch
new file mode 100644
index 0000000..2cbe93f
--- /dev/null
+++ b/SOURCES/0001-man-move-note-to-the-right-section.patch
@@ -0,0 +1,48 @@
+From d2d3879bdfcea70757a8b0527882e79e8b5c6e70 Mon Sep 17 00:00:00 2001
+From: Sumit Bose <sbose@redhat.com>
+Date: Wed, 27 Nov 2019 18:26:44 +0100
+Subject: [PATCH] man: move note to the right section
+
+Unfortunately the note about the password lifetime was added to the join
+section. This patch move it to the update section where it belongs to.
+
+Related to https://bugzilla.redhat.com/show_bug.cgi?id=1738573
+ https://bugzilla.redhat.com/show_bug.cgi?id=1745931
+ https://bugzilla.redhat.com/show_bug.cgi?id=1774622
+---
+ doc/adcli.xml | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/doc/adcli.xml b/doc/adcli.xml
+index 4f201e0..9faf96a 100644
+--- a/doc/adcli.xml
++++ b/doc/adcli.xml
+@@ -330,11 +330,7 @@ Password for Administrator:
+ important here is currently the
+ <option>workgroup</option> option, see
+ <citerefentry><refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+- for details.</para>
+- <para>Note that if the machine account password is not
+- older than 30 days, you have to pass
+- <option>--computer-password-lifetime=0</option> to
+- force the update.</para></listitem>
++ for details.</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>--samba-data-tool=<parameter>/path/to/net</parameter></option></term>
+@@ -472,7 +468,11 @@ $ adcli update --login-ccache=/tmp/krbcc_123
+ important here is currently the
+ <option>workgroup</option> option, see
+ <citerefentry><refentrytitle>smb.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+- for details.</para></listitem>
++ for details.</para>
++ <para>Note that if the machine account password is not
++ older than 30 days, you have to pass
++ <option>--computer-password-lifetime=0</option> to
++ force the update.</para></listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>--samba-data-tool=<parameter>/path/to/net</parameter></option></term>
+--
+2.25.2
+
diff --git a/SOURCES/0001-tools-disable-SSSD-s-locator-plugin.patch b/SOURCES/0001-tools-disable-SSSD-s-locator-plugin.patch
new file mode 100644
index 0000000..07d791e
--- /dev/null
+++ b/SOURCES/0001-tools-disable-SSSD-s-locator-plugin.patch
@@ -0,0 +1,41 @@
+From 50d580c58dab5928cadfc6ca82aedccee58eaced Mon Sep 17 00:00:00 2001
+From: Sumit Bose <sbose@redhat.com>
+Date: Fri, 5 Jun 2020 17:28:28 +0200
+Subject: [PATCH] tools: disable SSSD's locator plugin
+
+MIT's libkrb5 checks available locator plugins first before checking the
+config file. This might cause issues when the locator plugin returns a
+different DC than the one used for the LDAP connection if some data must
+be replicated.
+
+This patch sets the SSSD_KRB5_LOCATOR_DISABLE environment variable to
+'true' to disable SSSD's locator plugin for adcli.
+
+Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1762633
+---
+ tools/tools.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/tools/tools.c b/tools/tools.c
+index 9d422f2..1b6d879 100644
+--- a/tools/tools.c
++++ b/tools/tools.c
+@@ -296,6 +296,7 @@ cleanup_krb5_conf_directory (void)
+ }
+
+ unsetenv ("KRB5_CONFIG");
++ unsetenv ("SSSD_KRB5_LOCATOR_DISABLE");
+ }
+
+ static void
+@@ -394,6 +395,7 @@ setup_krb5_conf_directory (adcli_conn *conn)
+ adcli_krb5_conf_filename = filename;
+ adcli_krb5_d_directory = snippets;
+ setenv ("KRB5_CONFIG", adcli_krb5_conf_filename, 1);
++ setenv ("SSSD_KRB5_LOCATOR_DISABLE", "true", 1);
+
+ } else {
+ free (filename);
+--
+2.26.2
+
diff --git a/SPECS/adcli.spec b/SPECS/adcli.spec
index 0ebe6b9..d5eed34 100644
--- a/SPECS/adcli.spec
+++ b/SPECS/adcli.spec
@@ -1,6 +1,6 @@
Name: adcli
Version: 0.8.1
-Release: 13%{?dist}
+Release: 15%{?dist}
Summary: Active Directory enrollment
License: LGPLv2+
URL: http://cgit.freedesktop.org/realmd/adcli
@@ -113,6 +113,18 @@ Patch64: 0001-Make-adcli-info-DC-location-mechanism-more-compliant.patch
Patch65: 0001-Use-GSS-SPNEGO-if-available.patch
Patch66: 0002-add-option-use-ldaps.patch
+#rhbz#1774622 - Update' adcli update --add-samba-data ' info under correct section in man adcli
+Patch67: 0001-man-move-note-to-the-right-section.patch
+
+# rhbz#1802258 - [abrt] [faf] adcli: raise(): /usr/sbin/adcli killed by 6
+Patch68: 0001-discovery-fix.patch
+
+# rhbz#1840752 - No longer able to delete computer from AD using adcli
+Patch69: 0001-delete-do-not-exit-if-keytab-cannot-be-read.patch
+
+# rhbz#1762633 - adcli: presetting $computer in $domain domain failed: Cannot set computer password: Authentication error
+Patch70: 0001-tools-disable-SSSD-s-locator-plugin.patch
+
BuildRequires: intltool pkgconfig
BuildRequires: libtool
BuildRequires: gettext-devel
@@ -161,6 +173,17 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
%doc %{_mandir}/*/*
%changelog
+* Mon Jun 08 2020 Sumit Bose <sbose@redhat.com> - 0.8.1-15
+- More fixes for RHEL-7.9
+- No longer able to delete computer from AD using adcli [#1840752]
+- adcli: presetting $computer in $domain domain failed: Cannot set computer
+ password: Authentication error [#1762633]
+
+* Sun Apr 19 2020 Sumit Bose <sbose@redhat.com> - 0.8.1-14
+- Fixes for RHEL-7.9
+- Update' adcli update --add-samba-data ' info under correct section in man adcli [#1774622]
+- [abrt] [faf] adcli: raise(): /usr/sbin/adcli killed by 6 [#1802258]
+
* Tue Jan 14 2020 Sumit Bose <sbose@redhat.com> - 0.8.1-13
- adcli should be able to Force LDAPS over 636 with AD Access Provider w.r.t sssd [#1786776]