Learn more about these different git repos.
Other Git URLs
Recently I've created IPA + IPA-enrolled machine for testing purposes.
Then I run ipa-client-install --uninstall, created completely different IPA installation (different version even) but with the same domain and the same users.
I've IPA-enrolled the machine back but PAM authentication did not work.
Jakub says that you need to remove the sssd cache to get rid of the old uids.
This ticket is about making sure people don't hit the problem.
Possible solutions: loud warning about reusing the same domain name; removing the cache either during --uninstall or during ipa-client-install; comparing host's key timestamp in the keytab with the cache timestamp; something else.
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.14 beta
rhbz: => todo
We need to first fix #2671, which would allow the ipa installer tools to call sss_cache --remove-db or similar. btw we also had a similar request from the realmd side.
blockedby: => #2671 milestone: SSSD 1.14 beta => SSSD 1.14 backlog sensitive: => 0
selected: => May
The manual cache removal is now implemented in sssctl. In order for this scenario to work automagically, ticket #884 must be implemented as well. In the meantime, I at least documented this in the troubleshooting guide: https://fedorahosted.org/sssd/wiki/Troubleshooting?action=diff&version=28&old_version=27
milestone: SSSD 1.14 backlog => SSSD Patches welcome
Metadata Update from @adelton: - Issue marked as depending on: #2671 - Issue set to the milestone: SSSD Patches welcome
Thank you for taking time to submit this request for SSSD. Unfortunately this issue was not given priority and the team lacks the capacity to work on it at this time.
Given that we are unable to fulfill this request I am closing the issue as wontfix.
If the issue still persist on recent SSSD you can request re-consideration of this decision by reopening this issue. Please provide additional technical details about its importance to you.
Thank you for understanding.
Metadata Update from @pbrezina: - Issue close_status updated to: wontfix - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3539
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.