Bug 755471

Summary: SSSD should handle the AD group "Domain Users" as a special-case
Product: [Fedora] Fedora Reporter: Marcus Moeller <marcus.moeller>
Component: sssdAssignee: Stephen Gallagher <sgallagh>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: jhrozek, sbose, sgallagh, ssorce
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-05-14 08:42:06 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Marcus Moeller 2011-11-21 04:08:41 EST
sssd 1.6.3 does not resolve group names with spaces (e.g. "Domain Users")
Comment 1 Marcus Moeller 2011-11-21 04:24:47 EST
Noticed that this only affects the primary group.
Comment 2 Jakub Hrozek 2011-11-21 07:22:46 EST
Does it work with other groups than "Domain Users"? I think that Domain Users are kind of a special case where the member attribute is not actually populated.

I've tested a group with a space in CN, where CN was my RDN attribute in pure LDAP setting and it seemed to work fine.
Comment 3 Marcus Moeller 2011-11-21 07:27:18 EST
It only affects Domain Users. Other groups with spaces are shown correctly.
Comment 4 Jakub Hrozek 2011-11-21 08:35:17 EST
Upstream ticket:
Comment 5 Stephen Gallagher 2012-05-14 08:42:06 EDT
SSSD 1.9.0 beta 1 and later (now in Rawhide) supports ID-mapping of Active Directory.