#6827 ipasam: gidNumber attribute is not created in the trusted domain entry
Closed: fixed 6 years ago Opened 7 years ago by frenaud.

While investigating issue 6660, samba logs were showing:

[2017/03/28 17:02:35.471728,  0] ../source3/passdb/lookup_sid.c:1605(get_primary_group_sid)
  Failed to find a Unix account for DOM-AD$

This happens in calls to ldapsam_getsampwnam(), which eventually calls get_primary_group_sid() for the trusted domain entry. As the entry does not contain any gidNumber, the call fails.
The gidNumber attribute should be added when the trusted domain entry is created.


Metadata Update from @frenaud:
- Issue assigned to frenaud

7 years ago

Metadata Update from @frenaud:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/632

7 years ago

This is a spinoff of 6660, moving to same milestone.

Metadata Update from @pvoborni:
- Issue priority set to: 2
- Issue set to the milestone: FreeIPA 4.5.1

7 years ago

Metadata Update from @pvoborni:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1436987

7 years ago

Metadata Update from @pvoborni:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1436987

7 years ago

master:

  • e052c2d ipa-sam: create the gidNumber attribute in the trusted domain entry
  • 5405de5 Upgrade: add gidnumber to trusted domain entry

ipa-4-5:

  • 91d3694 ipa-sam: create the gidNumber attribute in the trusted domain entry
  • eddd29f Upgrade: add gidnumber to trusted domain entry

Metadata Update from @mbasti:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

6 years ago

Login to comment on this ticket.

Metadata