Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1207720
Description of problem: id lookup resolves "Domain Local" group and errors appear in domain log. Version-Release number of selected component (if applicable): sssd-1.12.4-25.el6 How reproducible: Always Steps to Reproduce: 1. sssd.conf domain section has: [domain/sssdad.com] debug_level = 0x7480 id_provider = ad access_provider = ad ad_domain = sssdad.com krb5_realm = SSSDAD.COM cache_credentials = True krb5_store_password_if_offline = True use_fully_qualified_names = True 2. Add a group "kaugrp1" with group scope "Domain Local". kau1 user is a member in that group. 3. # id kau1@sssdad_tree.com uid=295201603(kau1@sssdad_tree.com) gid=295201603(kau1@sssdad_tree.com) groups=295201603(kau1@sssdad_tree.com),295200513(domain users@sssdad_tree.com),295201604(kaugrp1@sssdad_tree.com) Actual results: kaugrp1 is shown as a group and following error appears in the domain log: (Tue Mar 31 20:00:06 2015) [sssd[be[sssdad.com]]] [sdap_save_group] (0x4000): AD group [kaugrp1@sssdad_tree.com] has type flags 0x80000004. (Tue Mar 31 20:00:06 2015) [sssd[be[sssdad.com]]] [sdap_save_group] (0x0400): Filtering AD group [kaugrp1@sssdad_tree.com] ... ... ... (Tue Mar 31 20:00:06 2015) [sssd[be[sssdad.com]]] [sysdb_set_entry_attr] (0x0080): ldb_modify failed: [Attribute or value exists](20)[attribute 'gidNumber': value #1 on 'name=kaugrp1@sssdad_tree.com,cn=groups,cn=sssdad_tree.com,cn=sysdb' provided more than once] (Tue Mar 31 20:00:06 2015) [sssd[be[sssdad.com]]] [sysdb_store_group] (0x1000): sysdb_set_group_attr failed. (Tue Mar 31 20:00:06 2015) [sssd[be[sssdad.com]]] [sysdb_store_group] (0x0400): Error: 17 (File exists) (Tue Mar 31 20:00:06 2015) [sssd[be[sssdad.com]]] [sdap_save_group] (0x0080): Could not store group with GID: [File exists] (Tue Mar 31 20:00:06 2015) [sssd[be[sssdad.com]]] [sdap_save_group] (0x0080): Failed to save group [kaugrp1@sssdad_tree.com]: [File exists] Expected results: Domain Local group should not be resolved. Additional info:
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => mark: no => 0 milestone: NEEDS_TRIAGE => SSSD 1.12.5 owner: somebody => lslebodn priority: major => critical review: True => 0 selected: => testsupdated: => 0
patch: 0 => 1 status: new => assigned
resolution: => fixed status: assigned => closed
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1201840 (Red Hat Enterprise Linux 7)
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1207720 1207720] => [https://bugzilla.redhat.com/show_bug.cgi?id=1207720 1207720], [https://bugzilla.redhat.com/show_bug.cgi?id=1201840 1201840]
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1221839 (Red Hat Enterprise Linux 7)
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1207720 1207720], [https://bugzilla.redhat.com/show_bug.cgi?id=1201840 1201840] => [https://bugzilla.redhat.com/show_bug.cgi?id=1207720 1207720], [https://bugzilla.redhat.com/show_bug.cgi?id=1201840 1201840], [https://bugzilla.redhat.com/show_bug.cgi?id=1221839 1221839]
Metadata Update from @jhrozek: - Issue assigned to lslebodn - Issue set to the milestone: SSSD 1.12.5
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3655
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Log in to comment on this ticket.