Red Hat Bugzilla – Bug 691900
SSSD needs to fall back to 'cn' for GECOS information (was: SSSD configuration problem when configured with MSAD)
Last modified: 2015-01-04 18:47:39 EST
1. Add a user user1 without gecos attribute. 2. Enumerate user1 #getent -s sss passwd user1 user1:*:1091:1091:user1:/home/user1:/bin/bash 3. Auth as user1. 4. Enumerate user1 # getent -s sss passwd user1 user1:*:1091:1091:user1:/home/user1:/bin/bash Verified in version: # rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.5.1 Vendor: Red Hat, Inc. Release : 34.el5 Build Date: Tue 03 May 2011 10:46:09 PM IST Install Date: Wed 11 May 2011 02:07:53 PM IST Build Host: x86-004.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.5.1-34.el5.src.rpm Size : 3508089 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Previously, when GECOS information (an entry in the /etc/passwd file) for a user was missing, SSSD did not look for this information in the "cn" attribute as it should have. SSSD now correctly falls back to the "cn" attribute for GECOS if the GECOS field is empty, making SSSD fully compliant with section 5.3 of RFC 2307.
(In reply to comment #3) > Technical note added. If any revisions are required, please edit the > "Technical Notes" field > accordingly. All revisions will be proofread by the Engineering Content > Services team. > > New Contents: > Previously, when GECOS information (an entry in the /etc/passwd file) for a > user was missing, SSSD did not look for this information in the "cn" attribute > as it should have. SSSD now correctly falls back to the "cn" attribute for > GECOS if the GECOS field is empty, making SSSD fully compliant with section 5.3 > of RFC 2307. The note is not correct. GECOS is not an entry in the /etc/passwd file, it is a field that usually contains user's real name, it is stored with the rest of the user entry. Only if the user record is stored in /etc/passwd, so is his GECOS. I've modified the technical note accordingly.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1 +1 @@ -Previously, when GECOS information (an entry in the /etc/passwd file) for a user was missing, SSSD did not look for this information in the "cn" attribute as it should have. SSSD now correctly falls back to the "cn" attribute for GECOS if the GECOS field is empty, making SSSD fully compliant with section 5.3 of RFC 2307.+Previously, when GECOS attribute for a user was missing, SSSD did not fall back for this information to the "cn" attribute as it should have. SSSD now correctly falls back to the "cn" attribute for GECOS if the GECOS field is empty, making SSSD fully compliant with section 5.3 of RFC 2307.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0975.html