389-ds-base

Clone
Source Code
GIT

#482 RHEL6.3 memberof bug with 389-ds-base-1.2.10.2-20.el6_3.x86_64
Closed: wontfix None Opened 11 years ago by jraquino.

Closed: wontfix
Reopen Issue

idM / IPA for RedHat 6.3 appears to have a severe bug with the processing of the memberof plugin.

It appears that it is processing group objects which contain a member attribute properly, but is ignoring the memberof fixup/referential integrity modifications to group objects that contain memberHost or memberUser. Both of which are critical for idM/IPA in Red Hat Enterprise Linux

This breaks SSSD interactions, since the client looks for the node object to refer back up to the groups that it is a member of.

RHEL6 Replica Server Entry:
dn: fqdn=testhost1.example.com,cn=computers,cn=accounts,dc=example,dc=com
memberOf: cn=prod,cn=hostgroups,cn=accounts,dc=example,dc=com

Fedora Replica Sever Entry:
memberOf: cn=prod,cn=hostgroups,cn=accounts,dc=example,dc=com
memberOf: cn=prod,cn=ng,cn=alt,dc=example,dc=com
memberOf: ipaUniqueID=4cd496aa-1ac8-11e1-b3fb-9c8e9927cab0,cn=hbac,dc=example,dc=com
memberOf: ipaUniqueID=50f72680-1ac8-11e1-b789-9c8e9927cab0,cn=hbac,dc=example,dc=com
memberOf: ipaUniqueID=53e31ce6-1ac8-11e1-8820-9c8e9927cab0,cn=hbac,dc=example,,dc=com
memberOf: ipaUniqueID=5a03f7c6-1ac8-11e1-bdca-9c8e9927cab0,cn=hbac,dc=example,dc=com
memberOf: ipaUniqueID=5a712b16-1ac8-11e1-8ec6-9c8e9927cab0,cn=hbac,dc=example,dc=com
memberOf: ipaUniqueID=62e324d4-1ac8-11e1-ae48-9c8e9927cab0,cn=hbac,dc=example,dc=com
memberOf: ipaUniqueID=7a633fc2-1ac8-11e1-bcf6-9c8e9927cab0,cn=sudorules,cn=sudo,dc=example,dc=com
memberOf: ipaUniqueID=8ac6765e-1ac8-11e1-ba2e-9c8e9927cab0,cn=sudorules,cn=sudo,dc=example,dc=com
memberOf: ipaUniqueID=8e69d94a-1ac8-11e1-b01d-9c8e9927cab0,cn=sudorules,cn=sudo,dc=example,dc=com
memberOf: ipaUniqueID=a1678ff6-1ac8-11e1-ba2e-9c8e9927cab0,cn=sudorules,cn=sudo,dc=example,dc=com
memberOf: ipaUniqueID=af86055e-1ac8-11e1-94c1-9c8e9927cab0,cn=sudorules,cn=sudo,dc=example,dc=com

This issue was not reprducible with a fresh IPA install and replica (by myself or the reporter). Closing this ticket.

Metadata Update from @nkinder:
- Issue assigned to rmeggins
- Issue set to the milestone: N/A
7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/482

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Invalid)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
major
None
None
Community
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.