Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1053106
Description of problem: When sssd is joined to and AD forest the trusted domains users will not have a homedir path or shell. RHEL7 sssd not setting IPA AD trusted user homedir https://bugzilla.redhat.com/show_bug.cgi?id=1034920 Version-Release number of selected component (if applicable): How reproducible: always Steps to Reproduce: 1. Join root forest domain realm join --user=Administrator sssdad.com sssd.conf [domain/sssdad.com] ad_domain = sssdad.com krb5_realm = SSSDAD.COM realmd_tags = manages-system joined-with-samba cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = True fallback_homedir = /home/%d/%u access_provider = ad 2. Forest has child and/or other tree trust. # getent passwd Administrator@sssdad.com administrator@sssdad.com:*:498200500:498200513:Administrator:/home/sssdad.com/a dministrator:/bin/bash # getent passwd Administrator@child1.sssdad.com administrator@child1.sssdad.com:*:1184400500:1184400500:Administrator:/: # getent passwd Administrator@sssdad_tree.com administrator@sssdad_tree.com:*:525400500:525400500:Administrator:/: Actual results: homedir path is / and not shell is in getent. Expected results: the homedir and shell is inherited from the parent Additional info: When global settings are used. [nss] default_shell = /bin/bash fallback_homedir = /home/%d/%u %u differs between the parent domain and the other two domains. # getent passwd Administrator@sssdad.com administrator@sssdad.com:*:498200500:498200513:Administrator:/home/sssdad.com/a dministrator:/bin/bash # getent passwd Administrator@child1.sssdad.com administrator@child1.sssdad.com:*:1184400500:1184400500:Administrator:/home/chi ld1.sssdad.com/administrator@child1.sssdad.com:/bin/bash # getent passwd Administrator@sssdad_tree.com administrator@sssdad_tree.com:*:525400500:525400500:Administrator:/home/sssdad_ tree.com/administrator@sssdad_tree.com:/bin/bash
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => owner: somebody => jhrozek patch: 0 => 1 review: True => 0 selected: => status: new => assigned testsupdated: => 0
milestone: NEEDS_TRIAGE => SSSD 1.11.4 resolution: => fixed status: assigned => closed
changelog: => N/A just a bugfix
Metadata Update from @jhrozek: - Issue assigned to jhrozek - Issue set to the milestone: SSSD 1.11.4
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3238
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.