Bug 1267837
Summary: | sssd_be crashed in ipa_srv_ad_acct_lookup_step | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Lukas Slebodnik <lslebodn> |
Component: | sssd | Assignee: | SSSD Maintainers <sssd-maint> |
Status: | CLOSED ERRATA | QA Contact: | Kaushik Banerjee <kbanerje> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.2 | CC: | grajaiya, jgalipea, jhrozek, ksiddiqu, lmiksik, lslebodn, mkosek, mzidek, pbrezina, preichl, sgoveas, sumenon |
Target Milestone: | rc | Keywords: | Regression |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | sssd-1.13.0-39.el7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-11-19 11:40:59 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Lukas Slebodnik
2015-10-01 08:01:08 UTC
To reproduce: Establish IPA-AD trusts with POSIX attributes but do not replicate the POSIX attributes to Global Catalog. Run "getent group $adgroup". btw Sudhir was able to reproduce the crash and our fix helped him fix it. master: 309aa83d16b5919f727af04850bcd0799ba0962f afb21fd06690a0bec288a7970abf74ed2ea7dfdc sssd-1-13: 15a4b34ccfcfbcec2c9ba529d0113adf251abc16 f1742784d9b1cffd74f67beeb26375124183428a *** Bug 1269058 has been marked as a duplicate of this bug. *** Verified using RHEL 7.2 and Windows 2012 R2 sssd-1.13.0-39.el7.x86_64 ipa-server-trust-ad-4.2.0-13.el7.x86_64 ipa-server-dns-4.2.0-13.el7.x86_64 ipa-server-4.2.0-13.el7.x86_64 [root@ipa02 ~]# ipa trust-add --range-type=ipa-ad-trust-posix Realm name: SLABS.QE Active Directory domain administrator: administrator Active Directory domain administrator's password: ------------------------------------------------- Added Active Directory trust for realm "slabs.qe" ------------------------------------------------- Realm name: slabs.qe Domain NetBIOS name: SLABS Domain Security Identifier: S-1-5-21-1198230686-218755016-3050646183 SID blacklist incoming: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17, S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19, S-1-5-18 SID blacklist outgoing: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17, S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19, S-1-5-18 Trust direction: Trusting forest Trust type: Active Directory domain Trust status: Established and verified [root@ipaclient02 ~]# getent group agroup1 agroup1:*:10000: Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-2355.html |