690093 – multiple problems with sssd + ldap (Active-Directory) and groups members.

Bug 690093 - multiple problems with sssd + ldap (Active-Directory) and groups members.

Summary: multiple problems with sssd + ldap (Active-Directory) and groups members.

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	sssd
Sub Component:
Version:	5.7
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Stephen Gallagher
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:	683158
Blocks:
TreeView+	depends on / blocked

Reported:	2011-03-23 10:54 UTC by Stephen Gallagher
Modified:	2015-01-04 23:47 UTC (History)
CC List:	7 users (show)
Fixed In Version:	sssd-1.5.1-19.el5
Doc Type:	Bug Fix
Doc Text:
Clone Of:	683158
Environment:
Last Closed:	2011-07-21 08:10:04 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:0975	0	normal	SHIPPED_LIVE	Low: sssd security, bug fix, and enhancement update	2011-07-21 08:09:03 UTC

Comment 2 Kaushik Banerjee 2011-05-24 07:39:56 UTC

1. Add a AD user with First name "usr1," and Last name "sn1". Enable "Unix Attribute" on it.
2. Add a group test-grp1. Enable "Unix Attribute" on it.
3. Add a group test-grp2. This is a non-posix group.
3. Add the user "usr1, sn1" to the group test-grp1 and test-grp2
4. Enumerate user with getent passwd.
# getent -s sss passwd
usr1_ sn1:*:83647:11007:usr1, sn1:/home/usr1_ sn1:/bin/sh

5. Enumerate group with getent group.
# getent -s sss group
test-grp1:*:11007:usr1_ sn1

6. Enumerate user with id command.
# id 'usr1_ sn1'
uid=83647(usr1_ sn1) gid=11007(test-grp1) groups=11007(test-grp1) context=root:system_r:unconfined_t:SystemLow-SystemHigh

7. /var/log/sssd/sssd_AD.log shows.
<snip>
(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [sdap_find_entry_by_origDN] (9): Searching cache for [CN=usr1\5c, sn1,CN=Users,DC=sssdad,DC=com].
(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Added timed event "ltdb_callback": 0x8c36fe8

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Added timed event "ltdb_timeout": 0x8c4fbc8

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Destroying timer event 0x8c4fbc8 "ltdb_timeout"

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [ldb] (9): tevent: Ending timer event 0x8c36fe8 "ltdb_callback"

(Tue May 24 12:48:24 2011) [sssd[be[AD]]] [sdap_process_group_members_2307bis] (7): sysdbdn: name=usr1_ sn1,cn=users,cn=AD,cn=sysdb
</snip>

Verified in version:
# rpm -qi sssd | head
Name        : sssd                         Relocations: (not relocatable)
Version     : 1.5.1                             Vendor: Red Hat, Inc.
Release     : 34.el5                        Build Date: Tue 03 May 2011 10:46:09 PM IST
Install Date: Wed 11 May 2011 02:07:53 PM IST      Build Host: x86-004.build.bos.redhat.com
Group       : Applications/System           Source RPM: sssd-1.5.1-34.el5.src.rpm
Size        : 3508089                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://fedorahosted.org/sssd/
Summary     : System Security Services Daemon

Comment 3 errata-xmlrpc 2011-07-21 08:10:04 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0975.html

Note You need to log in before you can comment on or make changes to this bug.