#1629 subdomains code does not save the proper user/group name
Closed: Fixed None Opened 6 years ago by simo.

example group with trusted user in it returned by sssd now:

    [root@ipa1 ~]# getent passwd AD2012\\Administrator
    administrator@ad2012.ssimo.org:*:1707400500:1707400500::/home/ad2012.ssimo.org/administrator:
    [root@ipa1 ~]# getent group AD2012\\Administrator
    administrator@ad2012.ssimo.org:*:1707400500:
    [root@ipa1 ~]# getent group ad_users
    ad_users:*:1111800003:administrator

as you can see the name is not fully qualified.

names from groups comes from the memberuid attribute which is populated by the memberof plugin using the 'name' attribute of the object that is member of the group.

the subdomains code is using just the short username for the name attribute.

We need to use the fully qualified name instead.


Fields changed

owner: somebody => simo
status: new => assigned

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.9.3

Fields changed

patch: 0 => 1

Fields changed

description:
example group with trusted user in it returned by sssd now:

{{{
[root@ipa1 ~]# getent passwd AD2012\Administrator
administrator@ad2012.ssimo.org::1707400500:1707400500::/home/ad2012.ssimo.org/administrator:
[root@ipa1 ~]# getent group AD2012\Administrator
administrator@ad2012.ssimo.org:
:1707400500:
[root@ipa1 ~]# getent group ad_users
ad_users:*:1111800003:administrator
}}}}

as you can see the name is not fully qualified.

names from groups comes from the memberuid attribute which is populated by the memberof plugin using the 'name' attribute of the object that is member of the group.

the subdomains code is using just the short username for the name attribute.

We need to use the fully qualified name instead. =>
example group with trusted user in it returned by sssd now:

{{{
[root@ipa1 ~]# getent passwd AD2012\Administrator
administrator@ad2012.ssimo.org::1707400500:1707400500::/home/ad2012.ssimo.org/administrator:
[root@ipa1 ~]# getent group AD2012\Administrator
administrator@ad2012.ssimo.org:
:1707400500:
[root@ipa1 ~]# getent group ad_users
ad_users:*:1111800003:administrator
}}}

as you can see the name is not fully qualified.

names from groups comes from the memberuid attribute which is populated by the memberof plugin using the 'name' attribute of the object that is member of the group.

the subdomains code is using just the short username for the name attribute.

We need to use the fully qualified name instead.

Fixed in master:
- d096233
- 94a66f8
- 8d9e054
- 868ae51
and sssd-1-9:
- 9a0e490
- d5809af
- 2f5fbac
- c16a30f

resolution: => fixed
status: assigned => closed

Metadata Update from @simo:
- Issue assigned to simo
- Issue set to the milestone: SSSD 1.9.3

2 years ago

Login to comment on this ticket.

Metadata