Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1037653
Description of problem:
Enabling ldap_id_mapping doesn't exclude uidNumber in filter
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. sssd.conf domain section:
debug_level = 0xFFF0
id_provider = ldap
ldap_uri = ldap://<ad server>
ldap_id_mapping = true
ldap_schema = ad
ldap_default_bind_dn = cn=Administrator,cn=Users,dc=example,dc=com
ldap_default_authtok = XXXXX
2. Lookup an AD user
User lookup fails. Domain log shows:
(Tue Dec 3 16:19:08 2013) [sssd[be[ADTEST]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(sAMAccou
User lookup should work
design_review: => 0
milestone: NEEDS_TRIAGE => SSSD 1.11.3
review: True => 0
testsupdated: => 0
owner: somebody => lslebodn
status: new => assigned
patch: 0 => 1
Moving tickets that didn't make 1.11.3 to 1.11.4
milestone: SSSD 1.11.3 => SSSD 1.11.4
priority: major => critical
resolution: => fixed
status: assigned => closed
Two additional fixes landed upstream:
changelog: => The fix makes it possible to use id_provider=ldap along with id_mapping without specifying the domain SID manually.
Metadata Update from @jhrozek:
- Issue assigned to lslebodn
- Issue set to the milestone: SSSD 1.11.4
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.