Bug 870505
Summary: | sss_cache: Multiple domains not handled properly | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Jakub Hrozek <jhrozek> |
Component: | sssd | Assignee: | Jakub Hrozek <jhrozek> |
Status: | CLOSED ERRATA | QA Contact: | Kaushik Banerjee <kbanerje> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.4 | CC: | apeetham, grajaiya, jgalipea, mzidek, pbrezina |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | sssd-1.9.2-7.el6 | Doc Type: | Bug Fix |
Doc Text: |
Cause: When SSSD is configured with multiple domains and sss_cache searched object only in the first configured domain and ignored the others.
Consequence: Administrator couldn't use sss_cache on objects from arbitrary domain.
Fix: sss_cache now searches all domains.
Result: Administrator can use sss_cache on objects from arbitrary domain.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-02-21 09:39:01 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jakub Hrozek
2012-10-26 17:06:37 UTC
Verified the BZ on SSSD version: sssd-1.9.2-27.el6 As part of testing, multiple domains LDAP1 and LDAP2 were setup in the sssd.conf file. sss_cache cmd was executed against the cached user from domain LDAP2 and as expected, the user got invalidated. # sss_cache -u ssc_tempuser1 No such user named ssc_tempuser1 in domain LDAP1, skipping # ldbsearch -H /var/lib/sss/db/cache_LDAP2.ldb name=ssc_tempuser1 dataExpireTimestamp asq: Unable to register control with rootdse! # record 1 dn: name=ssc_tempuser1,cn=users,cn=LDAP2,cn=sysdb dataExpireTimestamp: 1 # returned 1 records # 1 entries # 0 referrals Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0508.html |