Bug 1120508
Summary: | tokengroups do not work with id_provider=ldap | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Jakub Hrozek <jhrozek> |
Component: | sssd | Assignee: | Jakub Hrozek <jhrozek> |
Status: | CLOSED ERRATA | QA Contact: | Kaushik Banerjee <kbanerje> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.0 | CC: | dpal, grajaiya, jagee, jgalipea, lslebodn, mkosek, pbrezina, preichl, sbose |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | sssd-1.11.6-12.el6 | Doc Type: | Bug Fix |
Doc Text: |
No Documentation Needed
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2014-10-14 04:49:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jakub Hrozek
2014-07-17 05:52:13 UTC
To test, simply configure the SSSD with: id_provider = ldap ldap_schema = ad And run: id user Will try to reproduce with the steps from comment #1 master: * 1614e1b25a98ff2f03648c4bf61d750fb688285a * b12e2500237f33c44807d7e5b377ec06007c7252 sssd-1-11: * 5001bab712149a27ab37697d487b3f51082df26d * deb0cc874606db31f454531c03d381fe0de76bd6 When testing with settings we see the No ID ctx available message on early builds but not in later ones. id_provider = ldap ldap_schema = ad id tuser sssd-1.11.6-1.el6 (Tue Sep 16 16:13:16 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_initgr_posix_send] (0x0020): No ID ctx available for [sssdad.com]. sssd-1.11.6-30.el6 (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-32-545] (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x0400): Missing SID S-1-5-32-545 will be downloaded (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-21-449164774-889306861-2878230833-3643] (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x0400): Missing SID S-1-5-21-449164774-889306861-2878230833-3643 will be downloaded (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-21-449164774-889306861-2878230833-513] (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x0400): Missing SID S-1-5-21-449164774-889306861-2878230833-513 will be downloaded (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-21-449164774-889306861-2878230833-3642] (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-21-449164774-889306861-2878230833-3644] (Tue Sep 16 16:16:52 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x0400): Missing SID S-1-5-21-449164774-889306861-2878230833-3644 will be downloaded (Tue Sep 16 16:16:53 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-32-545] (Tue Sep 16 16:16:53 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-21-449164774-889306861-2878230833-3643] (Tue Sep 16 16:16:53 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-21-449164774-889306861-2878230833-513] (Tue Sep 16 16:16:53 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_get_posix_members] (0x1000): Processing membership SID [S-1-5-21-449164774-889306861-2878230833-3644] (Tue Sep 16 16:16:53 2014) [sssd[be[sssdad.com]]] [sdap_ad_tokengroups_update_members] (0x1000): Updating memberships for [tuser] :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: bug_automation_006: BZ 1120508 tokengroups do not work with id_provider=ldap :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Command 'id testuser02' (Expected 0, got 0) :: [ PASS ] :: File '/var/log/sssd/sssd_sssdad.com.log' should not contain 'No ID ctx available for \[sssdad.com\]' :: [ LOG ] :: Duration: 1s :: [ LOG ] :: Assertions: 2 good, 0 bad :: [ PASS ] :: RESULT: bug_automation_006: BZ 1120508 tokengroups do not work with id_provider=ldap Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1375.html |