Bug 688697

Summary: sssd 1.5.1-9 breaks AD authentication
Product: Red Hat Enterprise Linux 5 Reporter: Stephen Gallagher <sgallagh>
Component: sssdAssignee: Stephen Gallagher <sgallagh>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: high Docs Contact:
Priority: unspecified    
Version: 5.7CC: benl, bojan, dpal, grajaiya, jgalipea, jhrozek, kbanerje, prc, sbose, sgallagh, ssorce, syeghiay
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: sssd-1.5.1-19.el5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 683860 Environment:
Last Closed: 2011-07-21 08:09:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 683267, 683860    
Bug Blocks:    

Comment 3 Kaushik Banerjee 2011-05-23 12:27:37 UTC 
1. Create a posix user kau1.

2. Create posix group kau1_group1 and non-posix group kau1_group2.

3. Add kau1 as member of kau1_group1 and kau1_group2.

4. Enumerate and Auth as user kau1.

Enumeration shows the posix group.
# id -G -n kau1
kau1 kau1_group1

Auth happens successfully.
# ssh -l kau1 localhost
kau1@localhost's password: 
Last login: Mon May 23 17:31:43 2011 from 127.0.0.1
[kau1@rh57-x86 ~]$ 

Verified that if the user is a member of a non-posix group, the non-posix group
should just be ignored.

Verified in version:
# rpm -qi sssd | head
Name        : sssd                         Relocations: (not relocatable)
Version     : 1.5.1                             Vendor: Red Hat, Inc.
Release     : 34.el5                        Build Date: Tue 03 May 2011 10:46:09 PM IST
Install Date: Wed 11 May 2011 02:07:53 PM IST      Build Host: x86-004.build.bos.redhat.com
Group       : Applications/System           Source RPM: sssd-1.5.1-34.el5.src.rpm
Size        : 3508089                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://fedorahosted.org/sssd/
Summary     : System Security Services Daemon
Comment 4 errata-xmlrpc 2011-07-21 08:09:57 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0975.html