Hide Forgot
Description of problem: IPA server with AD trust setup is showing AD users homedir as root (/) by default: [root@rhel7-1 sssd]# getent passwd aduser.TEST aduser.test:*:551801123:551801123:aduser:/: [root@rhel7-1 sssd]# grep homedir /etc/sssd/sssd.conf [root@rhel7-1 sssd]# It appears the same even if I set subdomain_homedir [root@rhel7-1 sssd]# service sssd stop Redirecting to /bin/systemctl stop sssd.service [root@rhel7-1 sssd]# rm -rf /var/lib/sss/{mc,db}/* [root@rhel7-1 sssd]# vi /etc/sssd/sssd.conf [domain/testrelm.com] ... subdomain_homedir = /home/%d/%u ... [root@rhel7-1 sssd]# service sssd start Redirecting to /bin/systemctl start sssd.service [root@rhel7-1 sssd]# getent passwd aduser.TEST aduser.test:*:551801123:551801123:aduser:/: But, if I set override_homedir, it works: [root@rhel7-1 sssd]# service sssd stop Redirecting to /bin/systemctl stop sssd.service [root@rhel7-1 sssd]# rm -rf /var/lib/sss/{mc,db}/* [root@rhel7-1 sssd]# vi /etc/sssd/sssd.conf ... [domain/testrelm.com] ... override_homedir = /home/%d/%u ... [root@rhel7-1 sssd]# service sssd start Redirecting to /bin/systemctl start sssd.service [root@rhel7-1 sssd]# getent passwd aduser.TEST aduser.test:*:551801123:551801123:aduser:/home/ad2.example.test/aduser.test: Shouldn't that have been there from the default? Version-Release number of selected component (if applicable): sssd-1.11.2-1.el7.x86_64 ipa-server-3.3.3-5.el7.x86_64 How reproducible: unknown Steps to Reproduce: 1. Setup AD server with user aduser 2. Setup IPA server with trust to AD 3. getent passwd 'aduser' Actual results: homedir is / Expected results: homedir is /home/AD.DOMAIN/aduser Additional info:
Interestingly enough, I just installed an IPA client and it had different results: [root@rhel7-3 ~]# getent passwd aduser.TEST aduser.test:*:551801123:551801123::/home/ad2.example.test/aduser: [root@rhel7-3 ~]# grep homedir /etc/sssd/sssd.conf [root@rhel7-3 ~]#
Upstream ticket: https://fedorahosted.org/sssd/ticket/2169
* master: 1dc7694a1cbc62b0d7e23cc1369579e5ce0071e8 * sssd-1-11: f2e7b694c2f037ff4f3b73e1d10750de4ac02b41
Verified. Version :: sssd-1.11.2-27.el7.x86_64 Test Results :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa_trust_func_bug_1034920: RHEL7 sssd not setting IPA AD trusted user homedir :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Running 'getent passwd 'AD2\Administrator' > /tmp/tmpout.ipa_trust_func_bug_1034920 2>&1' (Expected 0, got 0) administrator.test:*:551800500:551800500:Administrator:/home/ad2.example.test/administrator: :: [ PASS ] :: Running 'cat /tmp/tmpout.ipa_trust_func_bug_1034920' (Expected 0, got 0) :: [ 09:59:17 ] :: HOMEDIR /home/ad2.example.test/administrator expected :: [ PASS ] :: BZ 1034920 not found
More related patches landed upstream: master: 8263ecef6f5c6dab802fdabaf57c25fd2fcf692e 99bde105680e0202ab451623ff7201a90824b780 e684f302ba5cdb2d822fa8551e9f9614d4cd46d6 sssd-1-11: fba393bc85e28f517aefa9c0c18608a2bf58937b 653e5175a717a3eff6f7d6e74684e668743fea72 b85f4eaa1f0e48f6040e34103fbbfe9ea55ee993 007c086926ae6f750a4f47a0322698506c363aad
This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request.