1. Add a AD user with First name "usr1," and Last name "sn1". Enable "Unix Attribute" on it. 2. Add a group test-grp1. Enable "Unix Attribute" on it. 3. Add a group test-grp2. This is a non-posix group. 3. Add the user "usr1, sn1" to the group test-grp1 and test-grp2 4. Enumerate user with getent passwd. # getent -s sss passwd usr1_ sn1:*:83647:11007:usr1, sn1:/home/usr1_ sn1:/bin/sh 5. Enumerate group with getent group. # getent -s sss group test-grp1:*:11007:usr1_ sn1 6. Enumerate user with id command. # id 'usr1_ sn1' uid=83647(usr1_ sn1) gid=11007(test-grp1) groups=11007(test-grp1) context=root:system_r:unconfined_t:SystemLow-SystemHigh 7. /var/log/sssd/sssd_AD.log shows. <snip> (Tue May 24 12:48:24 2011) [sssd[be[AD]]] [sdap_find_entry_by_origDN] (9): Searching cache for [CN=usr1\5c, sn1,CN=Users,DC=sssdad,DC=com]. (Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Added timed event "ltdb_callback": 0x8c36fe8 (Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Added timed event "ltdb_timeout": 0x8c4fbc8 (Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Destroying timer event 0x8c4fbc8 "ltdb_timeout" (Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Ending timer event 0x8c36fe8 "ltdb_callback" (Tue May 24 12:48:24 2011) [sssd[be[AD]]] [sdap_process_group_members_2307bis] (7): sysdbdn: name=usr1_ sn1,cn=users,cn=AD,cn=sysdb </snip> Verified in version: # rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.5.1 Vendor: Red Hat, Inc. Release : 34.el5 Build Date: Tue 03 May 2011 10:46:09 PM IST Install Date: Wed 11 May 2011 02:07:53 PM IST Build Host: x86-004.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.5.1-34.el5.src.rpm Size : 3508089 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0975.html