Bug 988360
Summary: | sssd doesn't show users from newly added Active Directory domain, when multiple trusts are created | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Niranjan Mallapadi Raghavender <mniranja> | ||||
Component: | sssd | Assignee: | Jakub Hrozek <jhrozek> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 19 | CC: | jhrozek, lslebodn, mkosek, nc, pbrezina, sbose, sgallagh, ssorce | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2013-10-23 15:46:41 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Upstream ticket: https://fedorahosted.org/sssd/ticket/2033 Hi, during triaging of this bug I found out that the problem was already fixed in 1.11.1. I will close this bugzilla as CURRENTRELEASE as we 1.11.1 in Fedora for some time. Thank you for reporting the bug. Kindly reopen if you still see problems with multiple trusts. |
Created attachment 778238 [details] sssd logs with debug level 10 Description of problem: sssd doesn't show users from newly added Active Directory domain, when multiple trusts are created Version-Release number of selected component (if applicable): sssd-1.11.0-0.1.beta2.fc19.x86_64 sssd-krb5-common-1.11.0-0.1.beta2.fc19.x86_64 sssd-ldap-1.11.0-0.1.beta2.fc19.x86_64 sssd-client-1.11.0-0.1.beta2.fc19.x86_64 sssd-ipa-1.11.0-0.1.beta2.fc19.x86_64 sssd-common-1.11.0-0.1.beta2.fc19.x86_64 sssd-ad-1.11.0-0.1.beta2.fc19.x86_64 sssd-proxy-1.11.0-0.1.beta2.fc19.x86_64 sssd-krb5-1.11.0-0.1.beta2.fc19.x86_64 freeipa-python-3.3.0-0.2.beta1.fc19.x86_64 freeipa-server-trust-ad-3.3.0-0.2.beta1.fc19.x86_64 libipa_hbac-1.11.0-0.1.beta2.fc19.x86_64 sssd-ipa-1.11.0-0.1.beta2.fc19.x86_64 freeipa-admintools-3.3.0-0.2.beta1.fc19.x86_64 freeipa-server-3.3.0-0.2.beta1.fc19.x86_64 libipa_hbac-python-1.11.0-0.1.beta2.fc19.x86_64 iniparser-3.1-2.fc19.x86_64 python-iniparse-0.4-7.fc19.noarch freeipa-client-3.3.0-0.2.beta1.fc19.x86_64 How reproducible: Have 2 AD Domains: (with posix Attributes) win2.ceres.site win1.philip.site 1. Configure freeipa server on F-19 2. Create ipa trust with win2.ceres.site [root@master1 sssd]# ipa trust-show Realm name: win2.ceres.site Realm name: win2.ceres.site Domain NetBIOS name: WIN2 Domain Security Identifier: S-1-5-21-3788982561-4130956705-2391027395 Trust direction: Two-way trust Trust type: Active Directory domain 3. Create ipa trust with win1.philip.site [root@master1 sssd]# ipa trust-show Realm name: win1.philip.site Realm name: win1.philip.site Domain NetBIOS name: WIN1 Domain Security Identifier: S-1-5-21-1931677605-3808565714-2911731196 Trust direction: Two-way trust Trust type: Active Directory domain 4. Create AD user testaduser1 in win2.ceres.site and apply posix attributes. 5. from ipa server, getent passwd testaduser1.site returns [root@master1 sssd]# getent passwd testaduser1.site testaduser1.site:*:1343201107:1343201107:testad user1:/home/testaduser1:/bin/sh 6. Create AD user philip_testaduser1 in win1.philip.site and on ipa server getent passwd philip_testaduser1.site doesn't return user info Actual results: sssd doesn't return users from 2nd AD (win1.philip.site) Expected results: sssd should also return user's from 2nd AD also. Additional info: 2nd AD win1.philip.site is not in the same timezone as IPA. Attaching sssd logs