Bug 1435662

Summary: With multiple subdomain sections id command output for user is not displayed for both domains
Product: [Fedora] Fedora Reporter: Sudhir Menon <sumenon>
Component: sssdAssignee: Jakub Hrozek <jhrozek>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 25CC: abokovoy, jhrozek, lslebodn, mzidek, pbrezina, rharwood, sbose, ssorce
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.15.3-1.fc26 sssd-1.15.3-1.fc24 sssd-1.15.3-1.fc25 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1441545 (view as bug list) Environment:
Last Closed: 2017-07-31 06:24:47 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1441545    

Description Sudhir Menon 2017-03-24 13:40:58 UTC 
Description of problem: With multiple subdomain section having ldap_search_base and ldap_user_search_base id command returns only for one domain.


Version-Release number of selected component (if applicable):
freeipa-server-4.4.3-2.fc25.x86_64
freeipa-server-dns-4.4.3-2.fc25.noarch
freeipa-server-trust-ad-4.4.3-2.fc25.x86_64
freeipa-server-common-4.4.3-2.fc25.noarch
sssd-1.15.2-1.fc25.x86_64
samba-4.5.6-0.fc25.x86_64
krb5-server-1.14.4-4.fc25.x86_64

How reproducible: Always

Steps to Reproduce:
1. Install IPA Server
2. Ensure IPA server have trust established with two AD domains.(pne.qe and ptb.qe in this case)
3. create a OU named sales with user test1
4. create a OU named sales with user test1 
5. Edit the sssd.conf on IPA server to include two subdomain sections.

[domain/testqe.test/pne.qe]
debug_level = 9
ad_server = win1.pne.qe
ldap_search_base = dc=pne,dc=qe
ldap_user_search_base = ou=sales,dc=pne,dc=qe

[domain/testqe.test/ptb.qe]
debug_level = 9
ad_server = apache.ptb.qe
ldap_search_base = dc=ptb,dc=qe
ldap_user_search_base = ou=sales,dc=ptb,dc=qe

Actual results:
id command displays output for only one domain, it doesn't display for other domain.

[root@fedora sssd]# id test1
uid=1261601512(test1) gid=1261601512(test1) groups=1261601512(test1),1261600513(domain users)

[root@fedora sssd]# id test1
id: ‘test1’: no such user

Expected results:
id test should display the result.

Additional info:
Comment 4 Michal Zidek 2017-03-24 13:49:03 UTC 
Just a note (not related to the bug).

The options debug_level is not supported for the subdomain section (it always uses the same dabug_level as the main domain section), so you can delete it from the sssd.conf in the test.

Michal
Comment 5 Lukas Slebodnik 2017-03-30 11:49:08 UTC 
Upstream ticket:
https://pagure.io/SSSD/sssd/issue/3351
Comment 6 Lukas Slebodnik 2017-05-02 11:05:23 UTC 
master:
* 4c49edbd8df651b1737c59459637962c117212c6
Comment 7 Fedora Update System 2017-07-25 15:13:16 UTC 
sssd-1.15.3-1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-71a2efaa80
Comment 8 Fedora Update System 2017-07-25 15:13:57 UTC 
sssd-1.15.3-1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-91b708222e
Comment 9 Fedora Update System 2017-07-25 15:42:37 UTC 
sssd-1.15.3-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-3692a58167
Comment 10 Fedora Update System 2017-07-26 23:52:12 UTC 
sssd-1.15.3-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-3692a58167
Comment 11 Fedora Update System 2017-07-27 00:23:22 UTC 
sssd-1.15.3-1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-91b708222e
Comment 12 Fedora Update System 2017-07-27 02:52:05 UTC 
sssd-1.15.3-1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-71a2efaa80
Comment 13 Fedora Update System 2017-07-31 06:24:47 UTC 
sssd-1.15.3-1.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
Comment 14 Fedora Update System 2017-08-07 01:20:18 UTC 
sssd-1.15.3-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2017-08-10 21:26:01 UTC 
sssd-1.15.3-1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.