Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1082633
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Description of problem:
On rhel6.4 configured as AD client using sssd, running
ssd-1.9.2-129.el6_5.4.x86_64 ( with RFC2307bis). With ldap_group_nesting_level
= 0 should block the nesting operations. However it seems that sssd is
ignoring the this value set for option.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. in the sssd.conf , in the domain section, define the following parameter
ldap_group_nesting_level = 0
2. restart the sssd service,
3. Create or modify userA and Group_A, Group_B, Group_C.
4. Make Group_B member of Group_A & Group_C member of Group_B
5. With User_A member of Group_C, the id
With ldap_group_nesting set to "0", run '$ id UserA'
and the output will show GroupA, GroupB, GroupC
UserA in GroupC = Without Nesting should show C only
UserA in GroupB = Without Nesting should show B only
Here is a preliminary patch written when triaging the case originally:
design_review: => 0
review: True => 0
testsupdated: => 0
milestone: NEEDS_TRIAGE => SSSD 1.11.6
owner: somebody => jhrozek
owner: jhrozek => preichl
status: new => assigned
patch: 0 => 1
Pushed to master:
and to sssd-1-11:
_comment0: Pushed to master:
and to sssd-1-11:
resolution: => fixed
status: assigned => closed
Metadata Update from @jhrozek:
- Issue assigned to preichl
- Issue set to the milestone: SSSD 1.11.6
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.