#4046 sudo: incorrect usn value for openldap
Closed: Fixed 6 months ago by pbrezina. Opened 6 months ago by pbrezina.

Steps to reproduce:

  1. install openldap server
  2. run sssd
  3. there are no sudo rules on the server and there are no cached objects
  4. you'll see in the logs that sudo smart refresh uses (&(&(objectclass=sudoRole)(modifyTimestamp>=1))... filter (1 instead of proper datetime value)

When a new rule is added OpenLDAP server will fail to evaluate the filter because it can not compare modifyTimestamp to non-datetime value.

389-ds works fine.


Metadata Update from @pbrezina:
- Issue assigned to pbrezina

6 months ago

Metadata Update from @pbrezina:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

6 months ago

Metadata Update from @lslebodn:
- Issue status updated to: Open (was: Closed)

6 months ago

Darn, I pushed it to github. Thank Lukas, it is fixed.

Metadata Update from @pbrezina:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

6 months ago

Login to comment on this ticket.

Metadata