Red Hat Bugzilla – Bug 646781
id only returns primary group membership
Last modified: 2011-01-10 16:30:09 EST
Description of problem:
With latest sssd (1.4) an 'id $USERNAME' only returns the primary group whilst groups are returned correctly with getent group (enumerate on).
What is the schema you are using? RFC2307 or RFC2307bis?
Would you mind pasting your sanitized config file along with logfiles?
Created attachment 455764 [details]
sssd log while running id
We are using RFC2307bis
Your users and groups are being filtered out. Please try removing the 'min_id' and 'max_id' options from sssd.conf and then retry your tests.
Also, please include your config file.
Created attachment 455775 [details]
sssd log without min_uid set
Created attachment 455776 [details]
removing min_uid leads to exactly the same result
Tests without min_id result in exactly the same
Ah, reading through that log, I see that the problem is that with entries that contain parentheses in the distinguished name. We're not properly escaping the search filter, so it's failing because it's not parseable.
We are already tracking this issue upstream: https://fedorahosted.org/sssd/ticket/639
sssd-1.5.0-1.fc14 has been submitted as an update for Fedora 14.
sssd-1.5.0-1.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update sssd'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/sssd-1.5.0-1.fc14
sssd-1.5.0-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.