#2576 IPA secondary groups are not resolved always
Closed: Invalid None Opened 5 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1184458

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Description of problem:
Looks like under some unknown condition after some time of execution of sssd it
is no longer able to resolve all the secondary groups


Version-Release number of selected component (if applicable):
# rpm -qa |grep sssd
python-sssdconfig-1.11.6-30.el6_6.3.noarch
sssd-krb5-common-1.11.6-30.el6_6.3.x86_64
sssd-ldap-1.11.6-30.el6_6.3.x86_64
sssd-client-1.11.6-30.el6_6.3.x86_64
sssd-common-1.11.6-30.el6_6.3.x86_64
sssd-common-pac-1.11.6-30.el6_6.3.x86_64
sssd-ad-1.11.6-30.el6_6.3.x86_64
sssd-krb5-1.11.6-30.el6_6.3.x86_64
sssd-1.11.6-30.el6_6.3.x86_64
sssd-ipa-1.11.6-30.el6_6.3.x86_64
sssd-proxy-1.11.6-30.el6_6.3.x86_64


How reproducible:
Always at customer side, procedure unknown

Steps to Reproduce:
The steps are unknown but it usually happens after some while of sssd execution
(1-2 days).

Actual results:
[root@hlxp0hd008 ~]# date
Tue Jan 20 14:28:51 GMT 2015
[root@hlxp0hd008 ~]# id -G p3001841
1019408268 1019429545 1019424178 1019424179
[root@hlxp0hd008 ~]# id -Gn p3001841
p3001841 itapp_eah_admin itapphueadmin itappcmadmin
[root@hlxp0hd008 ~]# sss_cache -UG
Couldn't invalidate user p3013958Couldn't invalidate user
p9110179[root@hlxp0hd008 ~]#
[root@hlxp0hd008 ~]# id -Gn p3001841
p3001841 itapp_eah_admin itapphueadmin itappcmadmin id: cannot find name for
group ID 1019412599
1019412599 id: cannot find name for group ID 1019424177
1019424177 id: cannot find name for group ID 1019424180
1019424180
[root@hlxp0hd008 ~]# date
Tue Jan 20 14:29:22 GMT 2015
[root@hlxp0hd008 ~]#

Expected results:
Second id -Gn p3001841 should give the same results as first.
In the above execution it was triggered immediately after cleaning the cache
(ssh_cache -UG).


Additional info:
I'll attach a logs in few minutes.

Lukas owns the downstream ticket as well.

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
owner: somebody => lslebodn
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12.5

Fields changed

status: new => assigned

The downstream bug has been closed with insufficient data available.

resolution: => worksforme
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to lslebodn
- Issue set to the milestone: SSSD 1.12.5

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3617

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata