attachment
sssd_LDAP.log

attachment
common-auth

attachment
sssd.conf

Pruned SysLog
syslog.prune

I can reproduce this issue with OpenLDAP and active password policy overlay.

owner: somebody => sbose
patch: 0 => 1
status: new => assigned

How to reproduce:

To reproduce the segfault it should be sufficient to add

objectClass: pwdPolicy
pwdAttribute: userPassword

to a user entry and try to log in with this user.

For completeness, to use the ppolicy overlay please add:

olcModuleLoad: ppolicy.la
olcPPolicyDefault: cn=pwdconfig,ou=config,dc=your,dc=base,dc=dn
olcOverlay: ppolicy

to /etc/openldap/slapd.d/cn=config/olcDatabase={1}bdb.ldif .

Create a policy like

dn: cn=pwdconfig,ou=config,dc=your,dc=base,dc=dn
objectClass: pwdPolicy
objectClass: top
objectClass: person
pwdAttribute: userPassword
sn: Password Policy
cn: pwdconfig
pwdMaxAge: 100
pwdExpireWarning: 10
pwdGraceAuthNLimit: 3

and add

objectClass: pwdPolicy
pwdAttribute: userPassword
pwdPolicySubentry: cn=pwdconfig,ou=config,dc=your,dc=base,dc=dn

to a user object.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.5.9
priority: major => blocker

Fix by a950b3f for master and 4443a19 for sssd-1-5

resolution: => fixed
status: assigned => closed

Fields changed

rhbz: => 0

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1938

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.