#3293 SSSD authentication fails when two IPA accounts share an email address

Created 3 months ago by jhrozek
Modified 2 months ago

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1408294

Description of problem:
After carefully following the documentation for upgrading from IPA on RHEL 6 to
IPA on RHEL 7, and reinstalling the IPA client to use the new IPA server, SSSD
keeps printing error "More users with same name...in cache". On one client SSSD
crashes, while others it just keeps printing the message.

Version-Release number of selected component (if applicable):


How reproducible:
Error message always on RHEL 7 clients. Not on RHEL 6 clients.

Steps to Reproduce:
1. Update to RHEL 7 IPA server
2. Reinstall client
3. Wait a little while

Actual results:
Error message, and can't log in to at least one server. (haven't checked them
all yet).

Expected results:
Smooth transition. All systems authenticate to new IPA server.

Additional info:

The migration instructions are here:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/L
inux_Domain_Identity_Authentication_and_Policy_Guide/upgrading.html

I followed them exactly. But it says nothing about how to update the clients.

We only have one IPA server on our LAN, no replicas.

I ran an update on RHEL 7 and RHEL 6 hosts, including the two IPA servers,
prior to the migration.

I checked the IPA UI for duplicate users, but there are none.

I also get an error about not being able to contact the CMS server when
attempting to delete a host in the UI.

This might turn into only a documentation fix

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
milestone: NEEDS_TRIAGE => SSSD 1.16 Beta
patch: => 0
review: True => 0
selected: =>
testsupdated: => 0

3 months ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.3

2 months ago

Metadata Update from @jhrozek:
- Custom field design_review reset
- Custom field mark reset
- Custom field patch reset
- Custom field review reset
- Custom field sensitive reset
- Custom field testsupdated reset
- Issue close_status updated to: None
- Issue set to the milestone: SSSD 1.15.4 (was: SSSD 1.15.3)

Login to comment on this ticket.

defect

SSSD

false

false

https://bugzilla.redhat.com/show_bug.cgi?id=1408294

false

false

false

false

cancel