Bug 872180 - subdomains: Invalid sub-domain request type.
Summary: subdomains: Invalid sub-domain request type.
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.4
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
Depends On:
TreeView+ depends on / blocked
Reported: 2012-11-01 13:29 UTC by Dmitri Pal
Modified: 2020-05-02 17:03 UTC (History)
5 users (show)

Fixed In Version: sssd-1.9.2-10.el6
Doc Type: Bug Fix
Doc Text:
No Documentation Needed
Clone Of:
Last Closed: 2013-02-21 09:39:30 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Github SSSD sssd issues 2652 None None None 2020-05-02 17:03:37 UTC
Red Hat Product Errata RHSA-2013:0508 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Dmitri Pal 2012-11-01 13:29:05 UTC
This bug is created as a clone of upstream ticket:

Invalid request type occurs when getting account info from subdomain.

(Sun Oct 28 22:09:54 2012) [sssd[be[testrelm.com]]] [be_get_account_info] (0x0100): Got request for [3][1][name=adtestuser1]
(Sun Oct 28 22:09:54 2012) [sssd[be[testrelm.com]]] [ipa_get_subdomain_account_info_send] (0x0040): Invalid sub-domain request type.
(Sun Oct 28 22:09:54 2012) [sssd[be[testrelm.com]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,22,User lookup failed

Comment 2 Scott Poore 2012-11-13 03:55:32 UTC

Version ::


Manual Test Results ::

[root@rhel6-1 log]# vi /etc/sssd/sssd.conf

[root@rhel6-1 log]# service sssd restart
Stopping sssd:                                             [  OK  ]
Starting sssd:                                             [  OK  ]

[root@rhel6-1 log]# cat /etc/sssd/sssd.conf
debug_level = 10
cache_credentials = True
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = testrelm.com
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = rhel6-1.testrelm.com
chpass_provider = ipa
ipa_server = rhel6-1.testrelm.com
ldap_tls_cacert = /etc/ipa/ca.crt
subdomains_provider = ipa
sudo_provider = ldap
ldap_uri = ldap://rhel6-1.testrelm.com
ldap_sudo_search_base = ou=sudoers,dc=testrelm,dc=com
ldap_sasl_mech = GSSAPI
ldap_sasl_authid = host/rhel6-1.testrelm.com
ldap_sasl_realm = TESTRELM.COM
krb5_server = rhel6-1.testrelm.com

debug_level = 10
services = nss, pam, ssh, pac, sudo
config_file_version = 2
domains = testrelm.com

debug_level = 10

debug_level = 10

debug_level = 10

debug_level = 10

debug_level = 10

debug_level = 10

[root@rhel6-1 log]# ipa hbacrule-find
2 HBAC rules matched
  Rule name: allow_all
  User category: all
  Host category: all
  Source host category: all
  Service category: all
  Description: Allow all users to access any host from any host
  Enabled: FALSE

  Rule name: test
  Description: test
  Enabled: TRUE
  User Groups: adtestdom_testgroup
  Hosts: rhel6-1.testrelm.com
  Services: sshd
Number of entries returned 2

[root@rhel6-1 log]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin@TESTRELM.COM

Valid starting     Expires            Service principal
11/12/12 20:33:36  11/13/12 20:33:36  krbtgt/TESTRELM.COM@TESTRELM.COM
11/12/12 22:09:44  11/13/12 20:33:36  HTTP/rhel6-1.testrelm.com@TESTRELM.COM

[root@rhel6-1 log]# ssh -l adtestuser1@adtestdom.com rhel6-1.testrelm.com 
adtestuser1@adtestdom.com@rhel6-1.testrelm.com's password: 
Last login: Mon Nov 12 17:00:32 2012 from rhel6-1.testrelm.com

-sh-4.1$ exit
Connection to rhel6-1.testrelm.com closed.

[root@rhel6-1 log]# cd sssd

[root@rhel6-1 sssd]# grep -i "sssd.*Invalid sub-domain request type" /var/log/sssd/sssd_testrelm.com.log | wc -l

[root@rhel6-1 sssd]# pwd

Comment 3 errata-xmlrpc 2013-02-21 09:39:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.