[prev in list] [next in list] [prev in thread] [next in thread]
List: sssd-devel
Subject: Re: [SSSD] [PATCH] sysdb: remove ghosts in all sub-domains as well
From: Jakub Hrozek <jhrozek () redhat ! com>
Date: 2015-01-23 20:57:47
Message-ID: 20150123205747.GB12004 () hendrix ! redhat ! com
[Download RAW message or body]
On Fri, Jan 23, 2015 at 09:54:51PM +0100, Jakub Hrozek wrote:
> On Fri, Jan 23, 2015 at 09:26:27PM +0100, Jakub Hrozek wrote:
> > On Fri, Jan 23, 2015 at 04:39:03PM +0100, Sumit Bose wrote:
> > > Hi,
> > >
> > > this patch fixes an issue with the handling of universal groups. You can
> > > reproduce it with the following steps either with the AD provider in an
> > > AD forest with multiple domains or with the IPA provider and trust to an
> > > AD forest with multiple domains and a universal group:
> > > - start with an empty cache
> > > - getent group universal_group@dom1.ad
> > > - ldbsearch -H /path/to/cache name=universal_group@dom1.ad
> > >
> > > the cached object only has ghost members because no users are resolved
> > >
> > > - getent passwd group_member@dom2.ad
> > > - ldbsearch -H /path/to/cache name=universal_group@dom1.ad
> > >
> > > if a group member from a different domain than the group itself is
> > > resolved the ghost entry is not removed.
> > >
> > > bye,
> > > Sumit
> >
> > ACK
> >
> > tested on an IPA server with trusts.
>
> * master: fc2146c108e28d50bbf691925cedf9592142dd14
> * sssd-1-12: 20f4640cd4dbec3a91b615611a4adc418ffae91c
I forgot to send the CI link along with the ACK:
http://sssd-ci.idm.lab.eng.brq.redhat.com:8080/job/ci/662/
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic