Hide Forgot
This bug is created as a clone of upstream ticket: https://fedorahosted.org/sssd/ticket/2810 {{{ crash_function: ipa_srv_ad_acct_lookup_step executable: /usr/libexec/sssd/sssd_be pkg_name: sssd-common pkg_release: 0.20150930.1317.git6491a24.master.el7.centos }}}
To reproduce: Establish IPA-AD trusts with POSIX attributes but do not replicate the POSIX attributes to Global Catalog. Run "getent group $adgroup". btw Sudhir was able to reproduce the crash and our fix helped him fix it.
master: 309aa83d16b5919f727af04850bcd0799ba0962f afb21fd06690a0bec288a7970abf74ed2ea7dfdc sssd-1-13: 15a4b34ccfcfbcec2c9ba529d0113adf251abc16 f1742784d9b1cffd74f67beeb26375124183428a
*** Bug 1269058 has been marked as a duplicate of this bug. ***
Verified using RHEL 7.2 and Windows 2012 R2 sssd-1.13.0-39.el7.x86_64 ipa-server-trust-ad-4.2.0-13.el7.x86_64 ipa-server-dns-4.2.0-13.el7.x86_64 ipa-server-4.2.0-13.el7.x86_64 [root@ipa02 ~]# ipa trust-add --range-type=ipa-ad-trust-posix Realm name: SLABS.QE Active Directory domain administrator: administrator Active Directory domain administrator's password: ------------------------------------------------- Added Active Directory trust for realm "slabs.qe" ------------------------------------------------- Realm name: slabs.qe Domain NetBIOS name: SLABS Domain Security Identifier: S-1-5-21-1198230686-218755016-3050646183 SID blacklist incoming: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17, S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19, S-1-5-18 SID blacklist outgoing: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17, S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19, S-1-5-18 Trust direction: Trusting forest Trust type: Active Directory domain Trust status: Established and verified [root@ipaclient02 ~]# getent group agroup1 agroup1:*:10000:
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-2355.html