Bug 1034920
| Summary: | RHEL7 sssd not setting IPA AD trusted user homedir | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Scott Poore <spoore> |
| Component: | sssd | Assignee: | Jakub Hrozek <jhrozek> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Kaushik Banerjee <kbanerje> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.0 | CC: | dpal, grajaiya, jgalipea, lslebodn, mkosek, nsoman, pbrezina |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | sssd-1.11.2-27.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-06-13 09:23:36 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Interestingly enough, I just installed an IPA client and it had different results: [root@rhel7-3 ~]# getent passwd aduser.TEST aduser.test:*:551801123:551801123::/home/ad2.example.test/aduser: [root@rhel7-3 ~]# grep homedir /etc/sssd/sssd.conf [root@rhel7-3 ~]# Upstream ticket: https://fedorahosted.org/sssd/ticket/2169 * master: 1dc7694a1cbc62b0d7e23cc1369579e5ce0071e8 * sssd-1-11: f2e7b694c2f037ff4f3b73e1d10750de4ac02b41 Verified. Version :: sssd-1.11.2-27.el7.x86_64 Test Results :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa_trust_func_bug_1034920: RHEL7 sssd not setting IPA AD trusted user homedir :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Running 'getent passwd 'AD2\Administrator' > /tmp/tmpout.ipa_trust_func_bug_1034920 2>&1' (Expected 0, got 0) administrator.test:*:551800500:551800500:Administrator:/home/ad2.example.test/administrator: :: [ PASS ] :: Running 'cat /tmp/tmpout.ipa_trust_func_bug_1034920' (Expected 0, got 0) :: [ 09:59:17 ] :: HOMEDIR /home/ad2.example.test/administrator expected :: [ PASS ] :: BZ 1034920 not found More related patches landed upstream:
master:
8263ecef6f5c6dab802fdabaf57c25fd2fcf692e
99bde105680e0202ab451623ff7201a90824b780
e684f302ba5cdb2d822fa8551e9f9614d4cd46d6
sssd-1-11:
fba393bc85e28f517aefa9c0c18608a2bf58937b
653e5175a717a3eff6f7d6e74684e668743fea72
b85f4eaa1f0e48f6040e34103fbbfe9ea55ee993
007c086926ae6f750a4f47a0322698506c363aad
This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request. |
Description of problem: IPA server with AD trust setup is showing AD users homedir as root (/) by default: [root@rhel7-1 sssd]# getent passwd aduser.TEST aduser.test:*:551801123:551801123:aduser:/: [root@rhel7-1 sssd]# grep homedir /etc/sssd/sssd.conf [root@rhel7-1 sssd]# It appears the same even if I set subdomain_homedir [root@rhel7-1 sssd]# service sssd stop Redirecting to /bin/systemctl stop sssd.service [root@rhel7-1 sssd]# rm -rf /var/lib/sss/{mc,db}/* [root@rhel7-1 sssd]# vi /etc/sssd/sssd.conf [domain/testrelm.com] ... subdomain_homedir = /home/%d/%u ... [root@rhel7-1 sssd]# service sssd start Redirecting to /bin/systemctl start sssd.service [root@rhel7-1 sssd]# getent passwd aduser.TEST aduser.test:*:551801123:551801123:aduser:/: But, if I set override_homedir, it works: [root@rhel7-1 sssd]# service sssd stop Redirecting to /bin/systemctl stop sssd.service [root@rhel7-1 sssd]# rm -rf /var/lib/sss/{mc,db}/* [root@rhel7-1 sssd]# vi /etc/sssd/sssd.conf ... [domain/testrelm.com] ... override_homedir = /home/%d/%u ... [root@rhel7-1 sssd]# service sssd start Redirecting to /bin/systemctl start sssd.service [root@rhel7-1 sssd]# getent passwd aduser.TEST aduser.test:*:551801123:551801123:aduser:/home/ad2.example.test/aduser.test: Shouldn't that have been there from the default? Version-Release number of selected component (if applicable): sssd-1.11.2-1.el7.x86_64 ipa-server-3.3.3-5.el7.x86_64 How reproducible: unknown Steps to Reproduce: 1. Setup AD server with user aduser 2. Setup IPA server with trust to AD 3. getent passwd 'aduser' Actual results: homedir is / Expected results: homedir is /home/AD.DOMAIN/aduser Additional info: