Bug 690093

Summary: multiple problems with sssd + ldap (Active-Directory) and groups members.
Product: Red Hat Enterprise Linux 5 Reporter: Stephen Gallagher <sgallagh>
Component: sssdAssignee: Stephen Gallagher <sgallagh>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: high Docs Contact:
Priority: unspecified    
Version: 5.7CC: benl, dpal, grajaiya, jgalipea, kbanerje, prc, sboucher.secondary
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: sssd-1.5.1-19.el5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 683158 Environment:
Last Closed: 2011-07-21 08:10:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 683158    
Bug Blocks:    

Comment 2 Kaushik Banerjee 2011-05-24 07:39:56 UTC 
1. Add a AD user with First name "usr1," and Last name "sn1". Enable "Unix Attribute" on it.
2. Add a group test-grp1. Enable "Unix Attribute" on it.
3. Add a group test-grp2. This is a non-posix group.
3. Add the user "usr1, sn1" to the group test-grp1 and test-grp2
4. Enumerate user with getent passwd.
# getent -s sss passwd
usr1_ sn1:*:83647:11007:usr1, sn1:/home/usr1_ sn1:/bin/sh

5. Enumerate group with getent group.
# getent -s sss group
test-grp1:*:11007:usr1_ sn1

6. Enumerate user with id command.
# id 'usr1_ sn1'
uid=83647(usr1_ sn1) gid=11007(test-grp1) groups=11007(test-grp1) context=root:system_r:unconfined_t:SystemLow-SystemHigh

7. /var/log/sssd/sssd_AD.log shows.
<snip>
(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [sdap_find_entry_by_origDN] (9): Searching cache for [CN=usr1\5c, sn1,CN=Users,DC=sssdad,DC=com].
(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Added timed event "ltdb_callback": 0x8c36fe8

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Added timed event "ltdb_timeout": 0x8c4fbc8

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Destroying timer event 0x8c4fbc8 "ltdb_timeout"

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Ending timer event 0x8c36fe8 "ltdb_callback"

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [sdap_process_group_members_2307bis] (7): sysdbdn: name=usr1_ sn1,cn=users,cn=AD,cn=sysdb
</snip>

Verified in version:
# rpm -qi sssd | head
Name        : sssd                         Relocations: (not relocatable)
Version     : 1.5.1                             Vendor: Red Hat, Inc.
Release     : 34.el5                        Build Date: Tue 03 May 2011 10:46:09 PM IST
Install Date: Wed 11 May 2011 02:07:53 PM IST      Build Host: x86-004.build.bos.redhat.com
Group       : Applications/System           Source RPM: sssd-1.5.1-34.el5.src.rpm
Size        : 3508089                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://fedorahosted.org/sssd/
Summary     : System Security Services Daemon
Comment 3 errata-xmlrpc 2011-07-21 08:10:04 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0975.html