Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1125187
Description of problem: simple_allow_groups does not lookup groups from other AD domains Version-Release number of selected component (if applicable): sssd-1.11.6-12.el6 How reproducible: Always Steps to Reproduce: 1. sssd configured for ad provider. primary domain=sssdad.com [domain/sssdad.com] id_provider = ad debug_level = 0xFFF0 use_fully_qualified_names = True access_provider = simple simple_allow_groups=group1_dom3@child1.sssdad.com 2. Lookup the child domain group # getent group group1_dom3@child1.sssdad.com group1_dom3@child1.sssdad.com:*:1184401714:user1_dom3@child1.sssdad.com 3. # ssh -l user1_dom3@child1.sssdad.com localhost user1_dom3@child1.sssdad.com@localhost's password: Connection closed by ::1 Actual results: Access is denied Domain log shows: (Thu Jul 31 05:07:32 2014) [sssd[be[sssdad.com]]] [simple_check_get_groups_primary] (0x0040): Could not look up primary group [1184401711]: [2][No such file or directory] (Thu Jul 31 05:07:32 2014) [sssd[be[sssdad.com]]] [simple_check_get_groups_send] (0x0400): All groups had name attribute (Thu Jul 31 05:07:32 2014) [sssd[be[sssdad.com]]] [simple_access_check_done] (0x2000): Group check done (Thu Jul 31 05:07:32 2014) [sssd[be[sssdad.com]]] [simple_access_check_recv] (0x1000): Access not granted Expected results: Access should be permitted Additional info:
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => owner: somebody => preichl review: True => 0 selected: => testsupdated: => 0
As agreed on the Aug-14 meeting, moving to the 1.11.6 milestone
milestone: NEEDS_TRIAGE => SSSD 1.11.7
owner: preichl => lslebodn
status: new => assigned
patch: 0 => 1
resolution: => fixed status: assigned => closed
Metadata Update from @jhrozek: - Issue assigned to lslebodn - Issue set to the milestone: SSSD 1.11.7
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3449
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.