Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1296618
Description of problem: Since the DNs in the SSSD cache differ from the DNs of the original objects SSSD saves the original DN in attributes prefixed by 'original'. The is done for the memberOf attributes of a user as well. If now e.g. from a AD user all secondary group memberships are removed, i.e. the user is only member of the primary group which is 'Domain Users' in the AD case, there are no memberOf attributes in the original object anymore. In this case any existing OriginalMemberOf attributes are not removed from the cache. This can be seen by checking the cache entry with the ldbsearch utility.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1296620 (Red Hat Enterprise Linux 6)
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1296618 1296618] => [https://bugzilla.redhat.com/show_bug.cgi?id=1296618 1296618], [https://bugzilla.redhat.com/show_bug.cgi?id=1296620 1296620]
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => mark: no => 0 owner: somebody => sbose review: True => 0 selected: => status: new => assigned testsupdated: => 0
Since the bug is fixed and cloned downstream, I also took the liberty of moving to sssd 1.13.4 milestone
milestone: NEEDS_TRIAGE => SSSD 1.13.4 resolution: => fixed status: assigned => closed
Metadata Update from @jhrozek: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.13.4
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3958
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.