Ticket #1257 (closed defect: fixed)

Opened 5 years ago

Last modified 5 years ago

Unable to bind to IPA server when minssf set

Reported by: sgallagh Owned by: sgallagh
Priority: blocker Milestone: SSSD 1.8.2 (LTM)
Component: LDAP Provider Version: 1.8.1
Keywords: Cc:
Blocked By: Blocking:
Sensitive: Tests Updated: no
Coverity Bug: Patch Submitted: yes
Red Hat Bugzilla: 803436 Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:
Temp mark:


https://bugzilla.redhat.com/show_bug.cgi?id=803436 (Fedora)

Description of problem:
I changed the configuration of my IPA server and set minssf to 56, as is
documented n the IPA guide. All my RHEL based systems continue to function. But
my one fedora desktop is now unable to bind to the server, and as such is not
getting any updated information.

From the logs:
Unexpected result from ldap: Server is unwilling to perform(53), Minimum SSF
not met.

Version-Release number of selected component (if applicable):

How reproducible:
set minssf on server, watch sssd fail to bind. Frankly with all the caching
that goes on I wouldn't have even noticed that it wasn't working except for a
password change that arose after minssf was set.

As I said this continues to work fine in RHEL 5 and 6, so chances are this is
something new or a bugfix that wasn't forward ported.


Change History

comment:1 Changed 5 years ago by sgallagh

  • Status changed from new to assigned
  • tests set to 0
  • upgrade set to 0
  • Tests Updated unset
  • Patch Submitted set
  • Owner changed from somebody to sgallagh

comment:2 Changed 5 years ago by sgallagh

  • Status changed from assigned to closed
  • Resolution set to fixed
Note: See TracTickets for help on using tickets.