Learn more about these different git repos.
Other Git URLs
(Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_search_users] (0x0400): Search users with filter: (&(objectclass=user)(originalDN=CN=U329266,OU=site,OU=Users,OU=Accounts,DC=example,DC=com)) (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_search_users] (0x0400): No such entry (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_attrs_primary_name] (0x0020): Could not determine primary name: [22][Invalid argument] (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sdap_nested_group_populate_users] (0x0020): User entry 7 has no name attribute
In this case, we are talking to an Active Directory server that had some entries in its search filter that were missing the msSFU30Name attribute. When we were processing a group that contained this user, we would encounter the {{{"Could not determine primary name: [22][Invalid argument]"}}} error and fail. The proper behaviour should be to skip incomplete POSIX entries.
Fields changed
description: {{{ (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_search_users] (0x0400): Search users with filter: (&(objectclass=user)(originalDN=CN=U329266,OU=site,OU=Users,OU=Accounts,DC=example,DC=com)) (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_search_users] (0x0400): No such entry (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_attrs_primary_name] (0x0020): Could not determine primary name: [22][Invalid argument] (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sdap_nested_group_populate_users] (0x0020): User entry 7 has no name attribute }}}
In this case, we are talking to an Active Directory server that had some entries in its search filter that were missing the msSFU30Name attribute. When we were processing a group that contained this user, we would encounter the "Could not determine primary name: [22][Invalid argument]" error and fail. The proper behaviour should be to skip incomplete POSIX entries. => {{{ (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_search_users] (0x0400): Search users with filter: (&(objectclass=user)(originalDN=CN=U329266,OU=site,OU=Users,OU=Accounts,DC=example,DC=com)) (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_search_users] (0x0400): No such entry (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sysdb_attrs_primary_name] (0x0020): Could not determine primary name: [22][Invalid argument] (Tue Jan 24 15:30:20 2012) [sssd[be[EXAMPLE.COM]]] [sdap_nested_group_populate_users] (0x0020): User entry 7 has no name attribute }}}
In this case, we are talking to an Active Directory server that had some entries in its search filter that were missing the msSFU30Name attribute. When we were processing a group that contained this user, we would encounter the {{{"Could not determine primary name: [22][Invalid argument]"}}} error and fail. The proper behaviour should be to skip incomplete POSIX entries. rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=735827 735827]
IIRC group entries are filtered on the server side. Perhaps modifying filter for users in the same way could do the trick.
Modifying the filter is probably the easiest approach to this, yes. We need to be aware that RFC2307bis may need some extra care, though.
milestone: NEEDS_TRIAGE => SSSD 1.8.0 (LTM) priority: major => critical
owner: somebody => sgallagh status: new => assigned
Removing link to incorrect Bugzilla
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=735827 735827] =>
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=791208
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=791208 791208]
Fixed by: - 477cb03 (master) - 42a3cee (sssd-1-8)
patch: 0 => 1 resolution: => fixed status: assigned => closed
Metadata Update from @sgallagh: - Issue assigned to sgallagh - Issue set to the milestone: SSSD 1.8.0 (LTM)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2211
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.