Bug 1259512 - sss_override : The local override user is not found
sss_override : The local override user is not found
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Pavel Březina
Dan Lavu
Depends On:
  Show dependency treegraph
Reported: 2015-09-02 16:32 EDT by Dan Lavu
Modified: 2015-11-19 06:40 EST (History)
10 users (show)

See Also:
Fixed In Version: sssd-1.13.0-29.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-11-19 06:40:16 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
sssd_logs (125.57 KB, text/plain)
2015-09-02 16:37 EDT, Dan Lavu
no flags Details

  None (edit)
Description Dan Lavu 2015-09-02 16:32:49 EDT
Description of problem:

When using sss_override the local override user is not found

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Add AD user to override 

[root@rhel72 ~]#  sss_override user-add dlavu@sssd2012.com  -n dlavu1@sssd2012.com 
SSSD needs to be restarted for the changes to take effect.

2. restart sssd
3. get entry on user

Actual results:
root@rhel72 ~]# getent passwd dlavu1@sssd2012.com
no results

Expected results:
User is found 

*NOTE* Searching by the original name, the user is found and the override is viewed correctly

[root@rhel72 ~]# getent passwd dlavu@sssd2012.com
dlavu1@sssd2012.com@sssd2012.com:*:349001105:349000513:Dan Lavu:/home/dlavu1@sssd2012.com:/bin/bash

Additional info:

Logs are attached.
Comment 2 Dan Lavu 2015-09-02 16:37:39 EDT
Created attachment 1069589 [details]
Comment 3 Pavel Březina 2015-09-03 06:40:32 EDT
You should not use fqn in --name. The correct command is:

sss_override user-add dlavu@sssd2012.com  -n dlavu1

The question is, is it something we want to change?
Comment 4 Dan Lavu 2015-09-03 06:58:09 EDT
Okay, that does work but it is confusing. Either we document it better or we change it to accept the same format.
Comment 5 Jakub Hrozek 2015-09-05 11:28:55 EDT
Upstream ticket:
Comment 6 Jakub Hrozek 2015-09-05 16:36:58 EDT
Marking as exception? 

Rationale - the fix for this issue would be easy and low-risk. At the same time, this bug deviates sssd's behaviour from the proprietary tool we'd like to displace.

Please ack for 7.2 exception. Thank you!
Comment 7 Pavel Březina 2015-09-15 06:52:09 EDT
Patch is awaiting review.
Comment 8 Jakub Hrozek 2015-09-16 10:54:28 EDT
* master: 4649f19ea4b11c428ca75803beda8d495a0c9335
Comment 11 Dan Lavu 2015-09-22 12:44:11 EDT
Verified against sssd-ad-1.13.0-33.el7.x86_64. 

[root@sssd1-13-0-29 ~]# sss_override user-add -n dlavu123@sssdad2012r2.com dlavu@sssdad2012r2.com
SSSD needs to be restarted for the changes to take effect.

[root@sssd1-13-0-29 ~]# service sssd restart
Redirecting to /bin/systemctl restart  sssd.service

[root@sssd1-13-0-29 ~]# getent passwd dlavu123@sssdad2012r2.com
dlavu123@sssdad2012r2.com:*:768001104:768000513:Dan Lavu:/home/dlavu123@sssdad2012r2.com:/bin/bash
Comment 12 errata-xmlrpc 2015-11-19 06:40:16 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.