Bug 1378911
Summary: | No supplementary groups are resolved for users in nested OUs when domain stanza differs from AD domain | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Dan Lavu <dlavu> | |
Component: | sssd | Assignee: | SSSD Maintainers <sssd-maint> | |
Status: | CLOSED ERRATA | QA Contact: | Dan Lavu <dlavu> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 7.3 | CC: | dlavu, enewland, grajaiya, jhrozek, lslebodn, mkolaja, mkosek, mzidek, pbrezina, sssd-qe, tlavigne, tscherf | |
Target Milestone: | rc | Keywords: | ZStream | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | sssd-1.14.0-46.el7 | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1393730 (view as bug list) | Environment: | ||
Last Closed: | 2017-08-01 09:00:03 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1393730 |
Description
Dan Lavu
2016-09-23 13:48:17 UTC
Upstream ticket: https://fedorahosted.org/sssd/ticket/3199 Sorry, I was looking at the wrong test suite when filling this BZ out. The test suite is NOT ad_parameters but ad_idmap. Test suite: ad_idmap Test case: idmap_014: bz874616 Silence DEBUG messages when dealing with built-in SIDs Actual results: :: [ BEGIN ] :: Running 'id Administrator' uid=498200500(administrator) gid=498200513(domain users) groups=498200513(domain users) :: [ PASS ] :: Command 'id Administrator' (Expected 0, got 0) :: [ FAIL ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-545\] is a built-in one' :: [ FAIL ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-544\] is a built-in one' :: [ FAIL ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Skipping built-in object' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not parse domain SID' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not convert SID to GID' '6516d9b4-4521-437d-8f69-dbc6f62cfb01' Expected results: :: [ BEGIN ] :: Running 'id Administrator' uid=498200500(administrator) gid=498200513(domain users) groups=498200513(domain users) :: [ PASS ] :: Command 'id Administrator' (Expected 0, got 0) :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-545\] is a built-in one' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-544\] is a built-in one' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Skipping built-in object' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not parse domain SID' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not convert SID to GID' '6516d9b4-4521-437d-8f69-dbc6f62cfb01' master: * e5a984093ad7921c83da75272cede2b0e52ba2d6 * 24d8c85fae253f988165c112af208198cf48eef6 sssd-1-14: * 956fdd727f8d7a28f1456146b3b7dfee49f38626 * 3f3dc8c737a8e8cfc4a29d7dbaf526ec3973c7a0 This bug needs approval for zstream, either PMApproved (from snagar) or GSSApproved from your subsystem CEE contact. Verified against sssd-1.15.2-33.el7.x86_64 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: idmap_014: bz874616 Silence DEBUG messages when dealing with built-in SIDs :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Command 'id Administrator' (Expected 0, got 0) :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-545\] is a built-in one' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-544\] is a built-in one' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Skipping built-in object' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not parse domain SID' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not convert SID to GID' :: [ LOG ] :: Duration: 12s :: [ LOG ] :: Assertions: 6 good, 0 bad :: [ PASS ] :: RESULT: idmap_014: bz874616 Silence DEBUG messages when dealing with built-in SIDs Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2017:2294 |