#2477 SSSD doesn't tell that it can't start because of no longer existent ID range
Closed: Fixed None Opened 6 years ago by pvoborni.

Reproduction (more or less, I don't remember exact steps):

  • FreeIPA 4.1 pre-release without DNS sec with PVOAD.TEST_id_range AD Trust ID range (not sure if posix) and valid trust to win 2008 r2
  • uninstall IPA, remove packages of IPA, SSSD
  • install released IPA-4-1
  • DNS resolution of the AD zone was broken due to dns sec validation
  • SSSD failed to start with general error in log
  • probably not relevant: I tried to re-add the same trust, it obviously failed because of stopped SSSD and broken DNS

How to fix/workaround:

  • clear SSSD cache

Expected behavior:

  • SSSD should start
  • or report the cause in log level 0x0010 and not 0x0020 since it's a Fatal failure
  • and/or advise how to fix the issue (clear cache)

    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_view_class has value nsContainer
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_view_name has value cn
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_overide_object_class has value ipaOverrideAnchor
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_anchor_uuid has value ipaAnchorUUID
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_user_override_object_class has value ipaUserOverride
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_group_override_object_class has value ipaGroupOverride
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_name has value uid
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_uid_number has value uidNumber
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_gid_number has value gidNumber
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_gecos has value gecos
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_home_directory has value homeDirectory
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_shell has value loginShell
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_group_name has value cn
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_group_gid_number has value gidNumber
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_update is FALSE
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_refresh_interval has value 0
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_iface has no value
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_ttl has value 1200
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_update_ptr is FALSE
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_force_tcp is FALSE
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_auth has value gss-tsig
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [ipa_idmap_get_ranges_from_sysdb] (0x0020): Could not add range [PVOAD.TEST_id_range] to ID map
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [ipa_idmap_init] (0x0040): ipa_idmap_get_ranges_from_sysdb failed.
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [load_backend_module] (0x0010): Error (5) in module (ipa) initialization (sssm_ipa_id_init)!
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [be_process_init] (0x0010): fatal error initializing data providers
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sbus_remove_watch] (0x2000): 0x7effd40b8550/0x7effd40b86a0
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [main] (0x0010): Could not initialize backend [5]


Fields changed

rhbz: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12.3

Fields changed

patch: 0 => 1

resolution: => fixed
status: new => closed

Metadata Update from @pvoborni:
- Issue set to the milestone: SSSD 1.12.3

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3519

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata