Learn more about these different git repos.
Other Git URLs
Description[[BR]]
With configuration provider = proxy and all cache timeout settings configured to 1s, new users and groups added to the ldap server do not get returned in by getent after waiting the defined timeout period.[[BR]]
Configuration[[BR]]
[services] description = Local Service Configuration activeServices = nss, dp, pam [services/nss] description = NSS Responder Configuration # the following prevents sssd for searching for the root user/group in # all domains (you can add here a comma separated list of system accounts are # always going to be /etc/passwd users, or that you want to filter out) filterGroups = root filterUsers = root [services/dp] description = Data Provider Configuration [services/pam] description = PAM Responder Configuration [services/monitor] description = Service Monitor Configuration #if a backend is particularly slow you can raise this timeout here sbusTimeout = 30 [domains] description = Domains served by SSSD domains = LDAP [domains/LDAP] description = Proxy request to our LDAP server enumerate = TRUE minId = 1000 maxId = 1010 cache-credentials = FALSE provider = proxy libName = ldap libPath = libnss_ldap.so.2 #if a backend is particularly slow you can raise this timeout here timeout = 30 EntryCacheTimeout = 1 EnumCacheTimeout = 1 EntryNegativeTimeout = 1
Example Steps to Reproduce[[BR]] 1. install sssd and configure as above, edit ldap.conf to point to your ldap server[[BR]] 2. getent -s sss group (should return groups within defined allowed ID range)[[BR]]
Duplicate:x:1010: Group1:x:1001: Group2:x:1002:
add a new posix group to the directory server within valid ID range[[BR]]
dn: cn=group1600,ou=Groups,dc=example,dc=com gidNumber: 1005 objectClass: top objectClass: groupofuniquenames objectClass: posixgroup cn: group1600
getent -s sss group group1600 (group is not found)[[BR]]
EXPECTED:[[BR]] second getent search after a few seconds would find the new group. Have tried every 30 seconds for 1800 seconds and never get the new group.[[BR]] After restart of sssd, group is found.[[BR]]
Version[[BR]] sssd-2009090301-0.fc11.i586
The same behavior is exhibit when configured with provider = files.
Bug triaged and reproduced.
I think this has something to do with the new enumeration processing that simo put in place in dd6bf2b
Assigning to simo.
owner: somebody => simo
Fields changed
testsupdated: 0 => 1
milestone: SSSD 0.6.0 => SSSD 1.0 RC
Not sure this can be easily fixed, as the proxy backend is partially synchronous Deferring.
milestone: SSSD 1.0 RC => SSSD Deferred
With a current version everything works as expected. I close this ticket as 'worksforme' and not as 'fixed' because I'm not sure since when it is working as expected.
resolution: => worksforme status: new => closed
rhbz: => 0
Metadata Update from @jgalipea: - Issue assigned to simo - Issue set to the milestone: SSSD Patches welcome
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1204
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.