Learn more about these different git repos.
Other Git URLs
In some cases, the dereference search might fail - for example if the server incorrectly advertizes deref support or if the attribute we try to dereference is not a DN.
SSSD should fall back to individual lookups in this case. The hard part is picking the errors that would be non-fatal for the search. "Protocol error" and "Server refused to perform" might be a good start.
This is not really a bug in SSSD so much as a misconfiguration on the server. The original report was failing because someone had changed the OID on the LDAP member attribute so that it did not report as a DN.
We should just write a descriptive error message to the syslog in this case, so the administrator is aware that there is a problem on the LDAP server.
component: SSSD => LDAP Provider
milestone: NEEDS_TRIAGE => SSSD 1.9.0
owner: somebody => jhrozek
priority: major => minor
summary: If dereference failed, retry with individual lookups => Warn to syslog when dereference requests fail
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=799009
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=799009 799009]
keywords: => easyfix
owner: jhrozek => arielb
status: new => assigned
- 02837b3 (master)
- f93b080 (sssd-1-8)
milestone: SSSD 1.9.0 => SSSD 1.9.0 beta 2
patch: 0 => 1
resolution: => fixed
status: assigned => closed
Metadata Update from @jhrozek:
- Issue assigned to arielb
- Issue set to the milestone: SSSD 1.9.0 beta 2
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.