Red Hat Bugzilla – Bug 1158809
Enumeration shows only a single group multiple times
Last modified: 2015-03-05 05:34:05 EST
Description of problem: Group enumeration shows only a single group multiple times Version-Release number of selected component (if applicable): sssd-1.12.2-5.el7 How reproducible: Always Steps to Reproduce: 1. Setup sssd with the following in domain section: [domain/LDAP] debug_level=0xFFF0 id_provider = ldap ldap_uri = ldap://<ldapserver> ldap_search_base = dc=example,dc=com ldap_group_search_base = ou=Groups,dc=example,dc=com enumerate=true 2. My ldapserver has the following groups: # ldapsearch -x -LLL -h <ldapserver> -b 'ou=Groups,dc=example,dc=com' '(&(objectClass=posixGroup)(cn=*)(gidNumber=*)(!(gidNumber=0)))' dn dn: cn=kau2_grp1,ou=Groups,dc=example,dc=com dn: cn=kau4_Grp1,ou=Groups,dc=example,dc=com dn: cn=kau5_grp1,ou=Groups,dc=example,dc=com dn: cn=kau6_grp1,ou=Groups,dc=example,dc=com dn: cn=Kau7_grp1,ou=Groups,dc=example,dc=com dn: cn=kau9_grp1,ou=Groups,dc=example,dc=com dn: cn=kau10_grp1,ou=Groups,dc=example,dc=com dn: cn=Kau11_grp1,ou=Groups,dc=example,dc=com dn: cn=grp_nst_mid2,ou=Groups,dc=example,dc=com dn: cn=grp_nst_mid1,ou=Groups,dc=example,dc=com dn: cn=grp_nst_top,ou=Groups,dc=example,dc=com dn: cn=User_CS1_grp1,ou=Groups,dc=example,dc=com dn: cn=kau20_grp1,ou=Groups,dc=example,dc=com dn: cn=kau20_grp2,ou=Groups,dc=example,dc=com dn: cn=group test,ou=Groups,dc=example,dc=com 3. getent -s sss group Actual results: # getent -s sss group User_CS1_grp1:*:304560:User_CS1 User_CS1_grp1:*:123456:grp_nst_mid2 User_CS1_grp1:*:1234567:nst_user1 User_CS1_grp1:*:12345:grp_nst_mid1 User_CS1_grp1:*:1111111:Kau11 User_CS1_grp1:*:99999:user test User_CS1_grp1:*:101010:kau10 User_CS1_grp1:*:202020:kau20 User_CS1_grp1:*:202021:kau20 User_CS1_grp1:*:7777:kau7 User_CS1_grp1:*:2222:kau2 User_CS1_grp1:*:4444:kau4 User_CS1_grp1:*:5555:kau5 User_CS1_grp1:*:6666:kau6 User_CS1_grp1:*:9999:kau9 Expected results: Additional info:
Upstream ticket: https://fedorahosted.org/sssd/ticket/2475
master: 4b2b722319f11c81c06f488f3962a6b6280f4b9f
Verified in version 1.12.2-28.el7 # getent -s sss group User_CS1_grp1:*:304560:User_CS1 grp_nst_mid1:*:123456:grp_nst_mid2 grp_nst_mid2:*:1234567:nst_user1 puser21_grp1:*:1321:puser21 grp_nst_top:*:12345:grp_nst_mid1 Kau11_grp1:*:1111111:Kau11 group test:*:99999:user test kau10_grp1:*:101010:kau10 kau20_grp1:*:202020:kau20 kau20_grp2:*:202021:kau20 Kau7_grp1:*:7777: kau1_grp1:*:1111:kau1 kau2_grp1:*:2222:kau2 kau4_Grp1:*:4444: kau5_grp1:*:5555:kau5 kau6_grp1:*:6666: kau9_grp1:*:9999:kau9
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0441.html