Bug 1158809

Summary: Enumeration shows only a single group multiple times
Product: Red Hat Enterprise Linux 7 Reporter: Kaushik Banerjee <kbanerje>
Component: sssdAssignee: Jakub Hrozek <jhrozek>
Status: CLOSED ERRATA QA Contact: Kaushik Banerjee <kbanerje>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.1CC: grajaiya, jgalipea, lslebodn, mkosek, pbrezina, preichl
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.12.2-7.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-05 10:34:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Kaushik Banerjee 2014-10-30 09:50:06 UTC 
Description of problem:
Group enumeration shows only a single group multiple times

Version-Release number of selected component (if applicable):
sssd-1.12.2-5.el7

How reproducible:
Always

Steps to Reproduce:
1. Setup sssd with the following in domain section:
[domain/LDAP]
debug_level=0xFFF0
id_provider = ldap
ldap_uri = ldap://<ldapserver>
ldap_search_base = dc=example,dc=com
ldap_group_search_base = ou=Groups,dc=example,dc=com
enumerate=true

2. My ldapserver has the following groups:

# ldapsearch -x -LLL -h <ldapserver> -b 'ou=Groups,dc=example,dc=com' '(&(objectClass=posixGroup)(cn=*)(gidNumber=*)(!(gidNumber=0)))' dn
dn: cn=kau2_grp1,ou=Groups,dc=example,dc=com

dn: cn=kau4_Grp1,ou=Groups,dc=example,dc=com

dn: cn=kau5_grp1,ou=Groups,dc=example,dc=com

dn: cn=kau6_grp1,ou=Groups,dc=example,dc=com

dn: cn=Kau7_grp1,ou=Groups,dc=example,dc=com

dn: cn=kau9_grp1,ou=Groups,dc=example,dc=com

dn: cn=kau10_grp1,ou=Groups,dc=example,dc=com

dn: cn=Kau11_grp1,ou=Groups,dc=example,dc=com

dn: cn=grp_nst_mid2,ou=Groups,dc=example,dc=com

dn: cn=grp_nst_mid1,ou=Groups,dc=example,dc=com

dn: cn=grp_nst_top,ou=Groups,dc=example,dc=com

dn: cn=User_CS1_grp1,ou=Groups,dc=example,dc=com

dn: cn=kau20_grp1,ou=Groups,dc=example,dc=com

dn: cn=kau20_grp2,ou=Groups,dc=example,dc=com

dn: cn=group test,ou=Groups,dc=example,dc=com


3. getent -s sss group


Actual results:
# getent -s sss group
User_CS1_grp1:*:304560:User_CS1
User_CS1_grp1:*:123456:grp_nst_mid2
User_CS1_grp1:*:1234567:nst_user1
User_CS1_grp1:*:12345:grp_nst_mid1
User_CS1_grp1:*:1111111:Kau11
User_CS1_grp1:*:99999:user test
User_CS1_grp1:*:101010:kau10
User_CS1_grp1:*:202020:kau20
User_CS1_grp1:*:202021:kau20
User_CS1_grp1:*:7777:kau7
User_CS1_grp1:*:2222:kau2
User_CS1_grp1:*:4444:kau4
User_CS1_grp1:*:5555:kau5
User_CS1_grp1:*:6666:kau6
User_CS1_grp1:*:9999:kau9


Expected results:


Additional info:
Comment 2 Jakub Hrozek 2014-10-30 10:07:27 UTC 
Upstream ticket:
https://fedorahosted.org/sssd/ticket/2475
Comment 3 Jakub Hrozek 2014-10-30 10:29:31 UTC 
master: 4b2b722319f11c81c06f488f3962a6b6280f4b9f
Comment 5 Kaushik Banerjee 2014-12-03 10:36:42 UTC 
Verified in version 1.12.2-28.el7

# getent -s sss group
User_CS1_grp1:*:304560:User_CS1
grp_nst_mid1:*:123456:grp_nst_mid2
grp_nst_mid2:*:1234567:nst_user1
puser21_grp1:*:1321:puser21
grp_nst_top:*:12345:grp_nst_mid1
Kau11_grp1:*:1111111:Kau11
group test:*:99999:user test
kau10_grp1:*:101010:kau10
kau20_grp1:*:202020:kau20
kau20_grp2:*:202021:kau20
Kau7_grp1:*:7777:
kau1_grp1:*:1111:kau1
kau2_grp1:*:2222:kau2
kau4_Grp1:*:4444:
kau5_grp1:*:5555:kau5
kau6_grp1:*:6666:
kau9_grp1:*:9999:kau9
Comment 7 errata-xmlrpc 2015-03-05 10:34:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0441.html