#2142 AD Enumeration reads data from LDAP while regular lookups connect to GC
Closed: Fixed None Opened 8 years ago by jhrozek.

We have a bad inconsistency when performing lookups. When enumerating users and groups, we connect to LDAP port automatically, while when doing regular lookups, we connect to GC.

This can have very confusing consequences if POSIX attributes are requested but not replicated to GC -- the users that are enumerated will show up with POSIX attributes, but since initgroups are performed against GC, the attributes not present in GC but present in LDAP are deleted from sysdb.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.11.3

Fields changed

owner: somebody => jhrozek

Fields changed

patch: 0 => 1

Fields changed

milestone: SSSD 1.11.3 => SSSD 1.11.4

Fields changed

changelog: => Regular user lookups and enumeration task that runs in the background used a different Active Directory server port for the lookups which might have resulted in inconsistent results when requesting user and/or group information.

Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.11.4

5 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3184

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.