#2477 SSSD doesn't tell that it can't start because of no longer existent ID range
Closed: Fixed None Opened 5 years ago by pvoborni.

Reproduction (more or less, I don't remember exact steps):

  • FreeIPA 4.1 pre-release without DNS sec with PVOAD.TEST_id_range AD Trust ID range (not sure if posix) and valid trust to win 2008 r2
  • uninstall IPA, remove packages of IPA, SSSD
  • install released IPA-4-1
  • DNS resolution of the AD zone was broken due to dns sec validation
  • SSSD failed to start with general error in log
  • probably not relevant: I tried to re-add the same trust, it obviously failed because of stopped SSSD and broken DNS

How to fix/workaround:

  • clear SSSD cache

Expected behavior:

  • SSSD should start
  • or report the cause in log level 0x0010 and not 0x0020 since it's a Fatal failure
  • and/or advise how to fix the issue (clear cache)

    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_view_class has value nsContainer
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_view_name has value cn
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_overide_object_class has value ipaOverrideAnchor
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_anchor_uuid has value ipaAnchorUUID
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_user_override_object_class has value ipaUserOverride
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ipa_group_override_object_class has value ipaGroupOverride
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_name has value uid
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_uid_number has value uidNumber
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_gid_number has value gidNumber
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_gecos has value gecos
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_home_directory has value homeDirectory
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_user_shell has value loginShell
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_group_name has value cn
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sdap_get_map] (0x0400): Option ldap_group_gid_number has value gidNumber
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_update is FALSE
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_refresh_interval has value 0
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_iface has no value
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_ttl has value 1200
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_update_ptr is FALSE
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_force_tcp is FALSE
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [dp_get_options] (0x0400): Option dyndns_auth has value gss-tsig
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [ipa_idmap_get_ranges_from_sysdb] (0x0020): Could not add range [PVOAD.TEST_id_range] to ID map
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [ipa_idmap_init] (0x0040): ipa_idmap_get_ranges_from_sysdb failed.
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [load_backend_module] (0x0010): Error (5) in module (ipa) initialization (sssm_ipa_id_init)!
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [be_process_init] (0x0010): fatal error initializing data providers
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [sbus_remove_watch] (0x2000): 0x7effd40b8550/0x7effd40b86a0
    (Fri Oct 24 13:43:58 2014) [sssd[be[ipa.example.com]]] [main] (0x0010): Could not initialize backend [5]


Fields changed

rhbz: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12.3

Fields changed

patch: 0 => 1

resolution: => fixed
status: new => closed

Metadata Update from @pvoborni:
- Issue set to the milestone: SSSD 1.12.3

2 years ago

Login to comment on this ticket.

Metadata