Learn more about these different git repos.
Other Git URLs
Set ldap_schema=ad in sssd.conf domain section
From the ldbsearch output, I see that "fullName" and "gecos" are always the same, although on the AD Server, the ldap attributes for the user: "gecos" and "name" are different.
e.g.
# ldapsearch -x -D "cn=Administrator,cn=Users,dc=sssdad,dc=com" -w XXXX -h 10.65.206.100 -b "cn=Users,dc=sssdad,dc=com" uid=testuser3 name gecos -LLL dn: CN=testuser3,CN=Users,DC=sssdad,DC=com name: testuser3 gecos: GECOS TESTUSER3 # ldbsearch -H /var/lib/sss/db/cache_ADTEST.ldb name=testuser3 fullName gecos asq: Unable to register control with rootdse! # record 1 dn: name=testuser3,cn=users,cn=ADTEST,cn=sysdb fullName: GECOS TESTUSER3 gecos: GECOS TESTUSER3
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.9.1 priority: major => minor rhbz: => 0
Name and fullName seem to be two different attributes. And from the code, it looks that it is intentional to have fullName equal to gecos.
From sysdb_add_basic_user():
/* We set gecos to be the same as fullname on user creation, * But we will not enforce coherency after that, it's up to * admins to decide if they want to keep it in sync if they change * one of the 2 */ if (gecos && *gecos) { ret = add_string(msg, LDB_FLAG_MOD_ADD, SYSDB_FULLNAME, gecos); if (ret) goto done; ret = add_string(msg, LDB_FLAG_MOD_ADD, SYSDB_GECOS, gecos); if (ret) goto done; }
_comment0: Name and fullName seems to be two different attributes. And from the code, it looks that it is intentional to have fullName equal to gecos.
From sysdb_add_basic_user(): {{{ / We set gecos to be the same as fullname on user creation, * But we will not enforce coherency after that, it's up to * admins to decide if they want to keep it in sync if they change * one of the 2 / if (gecos && *gecos) { ret = add_string(msg, LDB_FLAG_MOD_ADD, SYSDB_FULLNAME, gecos); if (ret) goto done; ret = add_string(msg, LDB_FLAG_MOD_ADD, SYSDB_GECOS, gecos); if (ret) goto done; } }}} => 1349349656462429
milestone: SSSD 1.9.1 => SSSD 1.9.2
In the AD case it probably make sense to deefault to 'Name' (or CN, IIRC they are the same) for the Full Name.
We'll look at this task during the 1.9.3 cycle. Sorry for the constant rescheduling.
milestone: SSSD 1.9.2 => SSSD 1.9.3
owner: somebody => pbrezina status: new => assigned
patch: 0 => 1
master: - ec2102d - 45e2a56
design: => design_review: => 0 fedora_test_page: => resolution: => fixed status: assigned => closed
Metadata Update from @kaushikub: - Issue assigned to pbrezina - Issue set to the milestone: SSSD 1.9.3
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2524
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.