#2175 external idmap does not work
Closed: Invalid None Opened 9 years ago by aigoshin.

i configured sssd to work in "id_provider = ldap" mode for several
domains. it works as expected.

i need to make idmap sid<->uid/gid using corresponding attributes
of this ldap (ldap_id_mapping = False).

i add sid for a user, sid comes from ldap server with other attributes.
getent passwd stops returning anything, in logs i see errors.

is it my misconfiguration or a bug?

log and sssd.conf are attached.


This might be a duplicate of #2172

Actually this is not a duplicate of #2172, but seems related. I suspect that the root cause might be similar.

Does it help you if you specify your domain SID manually using ldap_idmap_default_domain_sid in the config file?

Fields changed

summary: exterlal idmap does not work => external idmap does not work

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.11.4

if i specify ldap_idmap_default_domain_sid sssd does not start. i tried it before opening this bug.

Replying to [comment:6 aigoshin]:

if i specify ldap_idmap_default_domain_sid sssd does not start. i tried it before opening this bug.

Can you also paste the error you get in the logs trying to specify the ldap_idmap_default_domain_sid?

Replying to [comment:8 aigoshin]:

This problem looks like a https://fedorahosted.org/sssd/ticket/2172. Patches were pushed to upstream repo for that ticket. Does it solve your problem? Do you need a help with building rpms from git repo?

Fields changed

cc: => lslebodn@redhat.com

Because we believe this problem was solved already with another commit and at this point we're just waiting on a confirmation from the reporter, I'm moving the ticket to 1.11.5 in order to not block the 1.11.4 release.

Fields changed

milestone: SSSD 1.11.4 => SSSD 1.11.5

aigoshin, could you test sssd from git branch sssd-1-11?

There was no response for 3 weeks. We believe the issue is fixed in 1.11.4. Please reopen if you are able to reproduce with 1.11.4 or later.

resolution: => worksforme
status: new => closed

Metadata Update from @aigoshin:
- Issue set to the milestone: SSSD 1.11.5

5 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3217

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata