Learn more about these different git repos.
Other Git URLs
-Ubuntu 11.04 -sssd-1.5.7 from a 3rd-party PPA
Problem: On login with proper LDAP Credentials, the login times-out after 60 seconds.
Re-create: -Start SSSD -Attempt login with proper LDAP Creds
Expected Result: -Success Login! :)
Actual Result: -Login Time out -Segfault shown on libsss_ldap in syslog, followed by sssd starting line
If you attempt login with invalid creds, login fails properly, timely, as expected... Meaning LDAP is reachable.
attachment sssd_LDAP.log
attachment common-auth
attachment sssd.conf
Pruned SysLog syslog.prune
I can reproduce this issue with OpenLDAP and active password policy overlay.
owner: somebody => sbose patch: 0 => 1 status: new => assigned
How to reproduce:
To reproduce the segfault it should be sufficient to add
objectClass: pwdPolicy pwdAttribute: userPassword
to a user entry and try to log in with this user.
For completeness, to use the ppolicy overlay please add:
olcModuleLoad: ppolicy.la olcPPolicyDefault: cn=pwdconfig,ou=config,dc=your,dc=base,dc=dn olcOverlay: ppolicy
to /etc/openldap/slapd.d/cn=config/olcDatabase={1}bdb.ldif .
Create a policy like
dn: cn=pwdconfig,ou=config,dc=your,dc=base,dc=dn objectClass: pwdPolicy objectClass: top objectClass: person pwdAttribute: userPassword sn: Password Policy cn: pwdconfig pwdMaxAge: 100 pwdExpireWarning: 10 pwdGraceAuthNLimit: 3
and add
objectClass: pwdPolicy pwdAttribute: userPassword pwdPolicySubentry: cn=pwdconfig,ou=config,dc=your,dc=base,dc=dn
to a user object.
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.5.9 priority: major => blocker
Fix by a950b3f for master and 4443a19 for sssd-1-5
resolution: => fixed status: assigned => closed
rhbz: => 0
Metadata Update from @rdehavenl: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.5.9
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1938
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.