Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1247539
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Description of problem: SSSD intermittently fails to resolve group membership. Customer has configured IPA-AD trust as well as HBAC rules on IPA server. Sometimes SSSD fails to resolve group membership of AD users and due to the same, AD users could not login to the system as HBAC rules are configured based on AD groups. How reproducible: Intermittently. Steps to Reproduce: 1. Configure IPA-AD Trust. 2. Configure HBAC rules for AD users based on AD groups. 3. Configure IPA client and try logging in as an AD user. Additional info: Seems issue gets resolved after clearing the SSSD cache.
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => mark: no => 0 owner: somebody => preichl review: True => 0 selected: => testsupdated: => 0
milestone: NEEDS_TRIAGE => SSSD 1.13.2
This turned out to be a bug that was already fixed earlier.
resolution: => invalid status: new => closed
Metadata Update from @jhrozek: - Issue assigned to preichl - Issue set to the milestone: SSSD 1.13.2
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3786
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.