Issue #3373: Infopipe method ListByCertificate does not return the users with overrides - sssd

SSSD / sssd

#3373 Infopipe method ListByCertificate does not return the users with overrides

Closed: Fixed 6 years ago Opened 7 years ago by frenaud.

FreeIPA configured with an AD trust, user bob is an active directory user.
Define an override for user bob which overrides the certificate:

$ echo $PASSWD | kinit admin
$ ipa idoverrideuser-add 'Default Trust View' bob@DOM-AD.COM --certificate=MII...

The call to Dbus ListByCertificate should return user bob but doesn't:

$ sudo dbus-send --system --print-reply  --dest=org.freedesktop.sssd.infopipe /org/freedesktop/sssd/infopipe/Users org.freedesktop.sssd.infopipe.Users.ListByCertificate string:"$(cat cert.pem)" uint32:10
method return sender=:1.9 -> dest=:1.95 reply_serial=2
   array [
   ]

As a consequence, ipa certmap-match does not return the users with overrides.

jhrozek commented 7 years ago

Thanks for the bug report. Which exact version are you running? (The output of rpm -q sssd-common is probably best)

frenaud commented 7 years ago

Hi, the version is sssd-common-1.15.2-15.el7.x86_64

jhrozek commented 7 years ago

Thank you, I can reproduce the issue now. It's something we need to fix very soon, so I'm adding it to the next milestone as critical.

Metadata Update from @jhrozek:
- Issue priority set to: critical
- Issue set to the milestone: SSSD 1.15.3

7 years ago

Metadata Update from @sbose:
- Issue assigned to sbose

7 years ago

Metadata Update from @sbose:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1446139

6 years ago

Metadata Update from @sbose:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1446139

6 years ago

sbose commented 6 years ago

Issue linked to Bugzilla: Bug 1446139

Metadata Update from @sbose:
- Custom field patch adjusted to on
- Custom field rhbz reset (from https://bugzilla.redhat.com/show_bug.cgi?id=1446139)

6 years ago

jhrozek commented 6 years ago

master: 2e5fc89

Metadata Update from @jhrozek:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

6 years ago

pbrezina commented 3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4403

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata

Assignee

sbose

Tags

None

Blocking

None

Depending on

None

Priority

critical

Milestone

SSSD 1.15.3

type

None

component

None

version

None

selected

None

testsupdated

None

patch

rhbz

None

design_review

None

review

None

changelog

None

keywords

None

coverity

None

mark

None

blocking

None

design

None

sensitive

None

blockedby

None

feature_milestone

None

SSSD / sssd

Source Code

Documentation

#3373 Infopipe method ListByCertificate does not return the users with overrides Closed: Fixed 6 years ago Opened 7 years ago by frenaud.

Metadata

#3373 Infopipe method ListByCertificate does not return the users with overrides

Closed: Fixed 6 years ago Opened 7 years ago by frenaud.