Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1791892
Description of problem: when auto private groups are enabled/disabled specifically for a child domain in sssd.conf . sssctl config-check gives message that auto_private_groups is not allowed in child domain section. Version-Release number of selected component (if applicable): sssd-2.2.3-11.el8.x86_64 How reproducible: Have a Root domain (td5f4f77.com) and 2 child domains (one5f4f77.td5f4f77.com, two5f4f77.td5f4f77.com) Enable auto_private_groups in child domains specifically in sssd.conf as given below: [sssd] domains = td5f4f77.com config_file_version = 2 services = nss, pam, ifp [domain/td5f4f77.com/two5f4f77.td5f4f77.com] auto_private_groups = True [domain/td5f4f77.com/one5f4f77.td5f4f77.com] auto_private_groups = True [pam] debug_level = 9 [domain/td5f4f77.com] ad_domain = td5f4f77.com krb5_realm = TD5F4F77.COM realmd_tags = manages-system joined-with-adcli cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = True fallback_homedir = /home/%u@%d access_provider = ad auto_private_groups = False [nss] debug_level = 9 Restart sssd and run sssctl config-check Actual results: [root@vm-10-0-154-28 db]# sssctl config-check Issues identified by validators: 2 [rule/allowed_subdomain_options]: Attribute 'auto_private_groups' is not allowed in section 'domain/td5f4f77.com/two5f4f77.td5f4f77.com'. Check for typos. [rule/allowed_subdomain_options]: Attribute 'auto_private_groups' is not allowed in section 'domain/td5f4f77.com/one5f4f77.td5f4f77.com'. Check for typos. Messages generated during configuration merging: 0 Used configuration snippet files: 0 Expected results: auto_private_groups is a valid parameter in child domain section and hence sssctl should not report any errors. Additional info:
master
Metadata Update from @pbrezina: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/5116
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.