Ticket #1257 (closed defect: fixed)

Opened 2 years ago

Last modified 2 years ago

Unable to bind to IPA server when minssf set

Reported by: sgallagh Owned by: sgallagh
Priority: blocker Milestone: SSSD 1.8.2 (LTM)
Component: LDAP Provider Version: 1.8.1
Keywords: Cc:
Blocked By: Blocking:
Tests Updated: no Coverity Bug:
Patch Submitted: yes Red Hat Bugzilla: 803436
Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:

Description

https://bugzilla.redhat.com/show_bug.cgi?id=803436 (Fedora)

Description of problem:
I changed the configuration of my IPA server and set minssf to 56, as is
documented n the IPA guide. All my RHEL based systems continue to function. But
my one fedora desktop is now unable to bind to the server, and as such is not
getting any updated information.

From the logs:
Unexpected result from ldap: Server is unwilling to perform(53), Minimum SSF
not met.


Version-Release number of selected component (if applicable):
sssd-1.8.0-6.fc16.x86_64

How reproducible:
set minssf on server, watch sssd fail to bind. Frankly with all the caching
that goes on I wouldn't have even noticed that it wasn't working except for a
password change that arose after minssf was set.

As I said this continues to work fine in RHEL 5 and 6, so chances are this is
something new or a bugfix that wasn't forward ported.

-Erinn

Change History

comment:1 Changed 2 years ago by sgallagh

  • Patch Submitted set
  • Owner changed from somebody to sgallagh
  • upgrade set to 0
  • tests set to 0
  • Tests Updated unset
  • Status changed from new to assigned

comment:2 Changed 2 years ago by sgallagh

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.