Bug 1473572
| Summary: | Make changes in overrides available in the compat tree at runtime | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Sumit Bose <sbose> |
| Component: | slapi-nis | Assignee: | Alexander Bokovoy <abokovoy> |
| Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.3 | CC: | enewland, gparente, ksiddiqu, minyu, mkosek, sbose, sumenon |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-04-10 18:28:57 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1420851, 1472344 | ||
|
Description
Sumit Bose
2017-07-21 07:59:58 UTC
Tested on RHEL7.5 Beta using ipa-server-4.5.4-8.el7.x86_64 sssd-1.16.0-14.el7.x86_64 389-ds-base-1.3.7.5-11.el7.x86_64 [root@master ~]# ipa group-add idmgroupstestext0002 --external ---------------------------------- Added group "idmgroupstestext0002" ---------------------------------- Group name: idmgroupstestext0002 [root@master ~]# ipa group-add idmgroupstest0002 ------------------------------- Added group "idmgroupstest0002" ------------------------------- Group name: idmgroupstest0002 GID: 1896600013 [root@master ~]# ipa group-add-member idmgroupstest0002 --groups=idmgroupstestext0002 Group name: idmgroupstest0002 GID: 1896600013 Member groups: idmgroupstestext0002 ------------------------- Number of members added 1 ------------------------- [root@master ~]# ipa group-add-member idmgroupstestext0002 --external=aduser1 [member user]: [member group]: Group name: idmgroupstestext0002 External member: S-1-5-21-2202318585-426110948-4011710778-5281 Member of groups: idmgroupstest0002 ------------------------- Number of members added 1 ------------------------- [root@master ~]# date ; sss_cache -u aduser1 Thu Jan 18 10:36:17 IST 2018 [root@master ~]# date ; id aduser1 Thu Jan 18 10:36:25 IST 2018 uid=1261605281(aduser1) gid=1261605281(aduser1) groups=1261605281(aduser1),1261600513(domain users),1261602139(adunigroup1),1261601559(adgroup1),1261601629(adgroup2),1896600007(idmgroupstest0002) [root@master ~]# date ; getent group idmgroupstest0002 Thu Jan 18 10:36:37 IST 2018 idmgroupstest0002:*:1896600007:aduser1 [root@master ~]# date ; ldapsearch -ZZ -h master.sdr2k16.test -D "cn=directory manager" -w Secret123 -b "cn=compat,dc=sdr2k16,dc=test" -s sub "(&(cn=idmgroupstest0002))" Thu Jan 18 10:37:15 IST 2018 # extended LDIF # # LDAPv3 # base <cn=compat,dc=sdr2k16,dc=test> with scope subtree # filter: (&(cn=idmgroupstest0002)) # requesting: ALL # # idmgroupstest0002, groups, compat, sdr2k16.test dn: cn=idmgroupstest0002,cn=groups,cn=compat,dc=sdr2k16,dc=test objectClass: posixGroup objectClass: ipaOverrideTarget objectClass: extensibleObject objectClass: top gidNumber: 1896600013 ipaAnchorUUID:: OklQQTpzZHIyazE2LnRlc3Q6NDFkMmRiMmMtZmMwZC0xMWU3LThiNDctNTI1ND AwZWE2NWE1 cn: idmgroupstest0002 memberUid: aduser1 <== member is reflected without dirsrv restart. Note: There has been another bz1535547 for the issue 'External members of an external group aren't resolved when initially populating the compat tree". Hence marking this bug as VERIFIED. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0989 |