Bug 1327270

Summary: local overrides: issues with sub-domain users and mixed case names
Product: Red Hat Enterprise Linux 7 Reporter: Jakub Hrozek <jhrozek>
Component: sssdAssignee: SSSD Maintainers <sssd-maint>
Status: CLOSED ERRATA QA Contact: Steeve Goveas <sgoveas>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.3CC: dlavu, grajaiya, jhrozek, lslebodn, mkosek, mzidek, pbrezina
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.14.0-0.1.alpha.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1327272 (view as bug list) Environment:
Last Closed: 2016-11-04 07:17:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1327272    

Description Jakub Hrozek 2016-04-14 15:54:50 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/sssd/ticket/2989

Currently there is an issue to create local overrides for some users when the AD provider is used. First it is not possible to create overrides for users from sub-domains. Second, it is not possible to create overrides for users with mixed-case names like e.g. 'Administrator', please note that the AD provider uses 'case_sensitive = False'
Comment 1 Jakub Hrozek 2016-04-14 16:01:43 UTC 
 master:
    32dd0dd34193a7566d83adf6845f5194decc3304
    e45096aead1d2e2b8f8b2b386b420c5f62ad07d3
    3a8b5ccf7c27b72054e1d8b3ab355cb1e28efda9
    e6e2d1575ac7feb3494649f94ef51ef13cbdce48 
 sssd-1-13:
    279a9cd4e56522590f844a3ddde2235098065133
    baadb2467521b4da61e9c205d9549c750fad3eae
    a6c3abd6b9b23477ad6008852371937d16679778
    f3f312492a925e2efe1457a7cb8ab5b459eaef68
Comment 2 Jakub Hrozek 2016-04-15 12:45:09 UTC 
*** Bug 1327271 has been marked as a duplicate of this bug. ***
Comment 4 Dan Lavu 2016-09-19 20:02:00 UTC 
Verified against sssd-client-1.14.0-42.el7.x86_64

[root@dell-per230-02 db]# sssctl  domain-list
sssdad.com
child1.sssdad.com
sssdad_tree.com

[root@dell-per230-02 db]# sss_override  user-add -n  AdminChild Administrator.com
SSSD needs to be restarted for the changes to take effect.

[root@dell-per230-02 db]# service sssd restart
Redirecting to /bin/systemctl restart  sssd.service

[root@dell-per230-02 db]# id AdminChild.com
uid=1184400500(adminchild.com) gid=1184400500(adminchild.com) groups=1184400500(adminchild.com),1184400512(domain admins.com),1184400513(domain users.com),1184400520(group policy creator owners.com)

Not case sensitive.

[root@dell-per230-02 db]# id adminchild.com
uid=1184400500(adminchild.com) gid=1184400500(adminchild.com) groups=1184400500(adminchild.com),1184400512(domain admins.com),1184400513(domain users.com),1184400520(group policy creator owners.com)
Comment 6 errata-xmlrpc 2016-11-04 07:17:45 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2476.html