688697 – sssd 1.5.1-9 breaks AD authentication

Bug 688697 - sssd 1.5.1-9 breaks AD authentication

Summary: sssd 1.5.1-9 breaks AD authentication

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	sssd
Sub Component:
Version:	5.7
Hardware:	i686
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Stephen Gallagher
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:	683267 683860
Blocks:
TreeView+	depends on / blocked

Reported:	2011-03-17 18:28 UTC by Stephen Gallagher
Modified:	2015-01-04 23:47 UTC (History)
CC List:	12 users (show)
Fixed In Version:	sssd-1.5.1-19.el5
Doc Type:	Bug Fix
Doc Text:
Clone Of:	683860
Environment:
Last Closed:	2011-07-21 08:09:57 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:0975	0	normal	SHIPPED_LIVE	Low: sssd security, bug fix, and enhancement update	2011-07-21 08:09:03 UTC

Comment 3 Kaushik Banerjee 2011-05-23 12:27:37 UTC

1. Create a posix user kau1.

2. Create posix group kau1_group1 and non-posix group kau1_group2.

3. Add kau1 as member of kau1_group1 and kau1_group2.

4. Enumerate and Auth as user kau1.

Enumeration shows the posix group.
# id -G -n kau1
kau1 kau1_group1

Auth happens successfully.
# ssh -l kau1 localhost
kau1@localhost's password: 
Last login: Mon May 23 17:31:43 2011 from 127.0.0.1
[kau1@rh57-x86 ~]$ 

Verified that if the user is a member of a non-posix group, the non-posix group
should just be ignored.

Verified in version:
# rpm -qi sssd | head
Name        : sssd                         Relocations: (not relocatable)
Version     : 1.5.1                             Vendor: Red Hat, Inc.
Release     : 34.el5                        Build Date: Tue 03 May 2011 10:46:09 PM IST
Install Date: Wed 11 May 2011 02:07:53 PM IST      Build Host: x86-004.build.bos.redhat.com
Group       : Applications/System           Source RPM: sssd-1.5.1-34.el5.src.rpm
Size        : 3508089                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://fedorahosted.org/sssd/
Summary     : System Security Services Daemon

Comment 4 errata-xmlrpc 2011-07-21 08:09:57 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0975.html

Note You need to log in before you can comment on or make changes to this bug.