Learn more about these different git repos.
Other Git URLs
When SSSD is processing nested group memberships, the back end keeps an array of parents group in LDAP for every group. However, it does save the parents group even when the LDAP nesting level is reached.
The effect is that we would save the deepest nesting level and then attempt to link it to its parents that we never downloaded because they are out of the allowed nesting. Luckily the code is robust so all we get is an error message. The memberships are saved correctly.
Fields changed
summary: when nesting limit is reached, the LDAP provider tries to save members outside the nestig limit => when nesting limit is reached, the LDAP provider tries to establish link to members outside the nestig limit
summary: when nesting limit is reached, the LDAP provider tries to establish link to members outside the nestig limit => when nesting limit is reached, the LDAP provider tries to establish link to members outside the nesting limit
milestone: NEEDS_TRIAGE => SSSD 1.9.0 priority: major => minor
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=790848
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=790848 790848]
owner: somebody => mzidek status: new => assigned
patch: 0 => 1
resolution: => fixed status: assigned => closed
resolution: fixed => status: closed => reopened
description: When SSSD is processing nested group memberships, the back end keeps an array of parents group in LDAP for every group. However, it does save the parents group even when the LDAP nesting level is reached.
The effect is that we would save the deepest nesting level and then attempt to link it to its parents that we never downloaded because they are out of the allowed nesting. Luckily the code is robust so all we get is an error message. The memberships are saved correctly. => When SSSD is processing nested group memberships, the back end keeps an array of parents group in LDAP for every group. However, it does save the parents group even when the LDAP nesting level is reached.
mzidek's note: I closed this ticket by mistake, that's why the status is now "reopened".
fb5abb2 fixed in master
mzidek's note: I closed this ticket by mistake, that's why the status is now "reopened". => When SSSD is processing nested group memberships, the back end keeps an array of parents group in LDAP for every group. However, it does save the parents group even when the LDAP nesting level is reached.
The effect is that we would save the deepest nesting level and then attempt to link it to its parents that we never downloaded because they are out of the allowed nesting. Luckily the code is robust so all we get is an error message. The memberships are saved correctly. milestone: SSSD 1.9.0 => SSSD 1.9.0 RC1 resolution: => fixed status: reopened => closed
Metadata Update from @jhrozek: - Issue assigned to mzidek - Issue set to the milestone: SSSD 1.9.0 beta 7
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2236
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.