#106 LDAP Posix Groups with memberuid attribute not getting Returned
Closed: Invalid None Opened 14 years ago by jgalipea.

Description:
Posix Groups that exist in an LDAP BE (both provider = ldap and provider = proxy) are not getting returned if they have memberuid attribute. [[BR]]

Steps to Reproduce:

  1. Add posix group with memberuid defined. [[BR]]
  2. Configure sssd LDAP BE[[BR]]
  3. getent -s sss group[[BR]]

Actual Results:
Group is not returned[[BR]]

Expected Results:
Group returned with member defined[[BR]]

Version:
sssd-2009081301-0.fc11.i586 [[BR]]

I suspect this was introduced with yesterday afternoon's build. [[BR]]

LDAP Groups with memberuid

# group2000, Groups, bos.redhat.com
dn: cn=group2000,ou=Groups, dc=bos,dc=redhat,dc=com
gidNumber: 2000
objectClass: top
objectClass: posixgroup
cn: group2000
memberUid: 2001

# Group1000, Groups, bos.redhat.com
dn: cn=Group1000,ou=Groups, dc=bos,dc=redhat,dc=com
gidNumber: 1000
objectClass: top
objectClass: posixgroup
cn: Group1000

# Duplicate, Groups, bos.redhat.com
dn: cn=Duplicate,ou=Groups, dc=bos,dc=redhat,dc=com
gidNumber: 2010
objectClass: top
objectClass: posixgroup
cn: Duplicate

[root@jennyF11 ~]# getent -s sss group [[BR]]
Duplicate:x:2010: [[BR]]

LDAP Groups without memberuid

# group2000, Groups, bos.redhat.com
dn: cn=group2000,ou=Groups, dc=bos,dc=redhat,dc=com
gidNumber: 2000
objectClass: top
objectClass: posixgroup
cn: group2000

# Group1000, Groups, bos.redhat.com
dn: cn=Group1000,ou=Groups, dc=bos,dc=redhat,dc=com
gidNumber: 1000
objectClass: top
objectClass: posixgroup
cn: Group1000

# Duplicate, Groups, bos.redhat.com
dn: cn=Duplicate,ou=Groups, dc=bos,dc=redhat,dc=com
gidNumber: 2010
objectClass: top
objectClass: posixgroup
cn: Duplicate

[root@jennyF11 ~]# getent -s sss group [[BR]]
group2000:x:2000: [[BR]]
Duplicate:x:2010: [[BR]]


Fields changed

version: 0.4.1 => master

Note: Group1000 is not being returned because it is out of allowed gidNumber range.

Fields changed

priority: major => critical

This is a serious bug that should be resolved for 0.5.0

owner: somebody => simo
priority: critical => blocker

This looks like aconfiguration issue, please check if 'legacy = TRUE' is set for your LDAP domain.

owner: simo => sbose

This is the case. you can close this issue.

Fields changed

resolution: => invalid
status: new => closed

Fields changed

rhbz: => 0

Metadata Update from @jgalipea:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.0

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1148

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata