Bug 725472

Summary: [abrt] Process /usr/libexec/sssd/sssd_nss was killed by signal 11 (SIGSEGV)
Product: Red Hat Enterprise Linux 7 Reporter: Andrea Cavallari <acavalla>
Component: sssdAssignee: Jakub Hrozek <jhrozek>
Status: CLOSED WONTFIX QA Contact: Kaushik Banerjee <kbanerje>
Severity: high Docs Contact:
Priority: high    
Version: 7.0CC: dpal, grajaiya, jgalipea, kbanerje, prc
Target Milestone: pre-dev-freeze   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-03-14 14:20:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 727267, 747123, 756082    
Attachments:
Description Flags
sssd coredump none

Comment 10 Stephen Gallagher 2011-07-26 15:06:59 UTC 
It looks like there's a bug somewhere while chasing referrals with an authenticated bind. I'm not certain yet whether it is SSSD's bug or OpenLDAP's bug, but it will become irrelevant when we resolve
https://fedorahosted.org/sssd/ticket/860
(which is a complete rewrite of the referral code)

In the meantime, you can mitigate this issue by setting
ldap_referrals = false

in the [domain/default] section of your sssd.conf.

This will disable referral-following, so if you rely on referrals (e.g. you are using partial replication), it may not help. However, from the logs I can see you're talking to AD, which uses referrals automatically in many places, despite having no need to do so. I'd say there's a fair chance this will work for you as a workaround until we fix the above ticket.