Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 886848

Summary: user id lookup fails for case sensitive users using proxy provider
Product: Red Hat Enterprise Linux 6 Reporter: Kaushik Banerjee <kbanerje>
Component: sssdAssignee: Jakub Hrozek <jhrozek>
Status: CLOSED ERRATA QA Contact: Kaushik Banerjee <kbanerje>
Severity: unspecified Docs Contact:
Priority: low    
Version: 6.4CC: grajaiya, jgalipea, okos, pbrezina
Target Milestone: rcKeywords: Regression
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.9.2-63.el6 Doc Type: Bug Fix
Doc Text:
No documentation needed.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2013-02-21 09:42:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 895654    

Description Kaushik Banerjee 2012-12-13 10:58:08 UTC 
Description of problem:
user id lookup fails for case sensitive users using proxy provider. This is related to bug 874673

Version-Release number of selected component (if applicable):
sssd-1.9.2-41.el6

How reproducible:
Always

Steps to Reproduce:
1. User and group in ldap as follows:
dn: uid=User_CS1,ou=Users,dc=example,dc=com
objectClass: posixAccount
objectClass: account
cn: User_CS1
homeDirectory: /home/User_CS1
userPassword:: U2VjcmV0MTIz
uid: User_CS1_Alias
uid: User_CS1
uidNumber: 304560
gidNumber: 304560
 
dn: cn=User_CS1_grp1,ou=Groups,dc=example,dc=com
objectClass: posixGroup
memberUid: User_CS1
cn: User_CS1_grp1_Alias
cn: User_CS1_grp1
gidNumber: 304560

2. sssd.conf domain section has:
 
[domain/PROXY]
id_provider = proxy
debug_level = 0xFFF0
proxy_lib_name = ldap
proxy_pam_target = sssdproxyldap

3. # getent group User_CS1_grp1;id User_CS1
User_CS1_grp1_Alias:*:304560:User_CS1
id: User_CS1: No such user                   <=== id lookup fails after getent
 
Works fine after clearing cache if I execute the above 2 commands in reverse order:
# id User_CS1;getent group User_CS1_grp1
uid=304560(User_CS1_Alias) gid=304560(User_CS1_grp1_Alias) groups=304560(User_CS1_grp1_Alias)
User_CS1_grp1_Alias:*:304560:User_CS1
  

Actual results:
id lookup fails for the case sensitive user if group is looked up before.

Expected results:
id lookup should work for case sensitive users.

Additional info:
Log shows:
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 2)
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [sysdb_error_to_errno] (0x0020): LDB returned unexpected error: [No such attribute]
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [sysdb_add_user] (0x0400): Error: 14 (Bad address)
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 1)
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0040): Could not add user
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 0)
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0400): Error: 14 (Bad address)
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [save_user] (0x0040): Could not add user to cache
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [get_pw_name] (0x0040): proxy -> getpwnam_r failed for 'User_CS1' <14>: Bad address
(Wed Dec 12 14:09:15 2012) [sssd[be[PROXY]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,14,Internal Error (Cannot make/remove an entry for the specified session)
Comment 1 Ondrej Kos 2012-12-13 11:03:46 UTC 
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1714
Comment 5 Kaushik Banerjee 2013-01-15 17:34:56 UTC 
Verified in version 1.9.2-68

Output of beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: case_sensitive23: proxy provider: case_sensitive=true simple_deny_groups = User_CS1_grp1
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Stopping nslcd: [  OK  ]
Starting nslcd: [  OK  ]
User_CS1:*:1111111:1111111:User_CS1:/home/User_CS1:
:: [   PASS   ] :: Running 'getent -s ldap passwd User_CS1'
Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[  OK  ]
:: [12:03:22] ::  Sleeping for 5 seconds
User_CS1_grp1_Alias:*:1111111:User_CS1
:: [   PASS   ] :: Running 'getent group User_CS1_grp1'
uid=1111111(User_CS1_Alias) gid=1111111(User_CS1_grp1_Alias) groups=1111111(User_CS1_grp1_Alias)
:: [   PASS   ] :: Running 'id User_CS1'
Comment 6 errata-xmlrpc 2013-02-21 09:42:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html