On Wed, Apr 18, 2018 at 10:49 AM, Sumit Bose sbose@redhat.com wrote:
On Tue, Apr 10, 2018 at 01:30:44PM +0200, Sumit Bose wrote:
On Mon, Apr 09, 2018 at 10:53:51AM -0400, Asif Iqbal wrote:
On Mon, Apr 2, 2018 at 12:20 PM, Asif Iqbal vadud3@gmail.com wrote:
On Tue, Mar 27, 2018 at 4:43 AM, Sumit Bose sbose@redhat.com
wrote:
On Fri, Mar 23, 2018 at 06:13:39PM -0400, Asif Iqbal wrote:
On Thu, Mar 22, 2018 at 2:51 PM, Asif Iqbal vadud3@gmail.com
wrote:
> > [..stripped for brevity..] >>> > > > So I see 5% of current users have mnetid with leading 0. >>> > > > >>> > > > So I never used sss_override. How do I use sss_override
to
make
>>> mnetid >>> > > > 004311 >>> > > > to work with sss when ldap id mapping tries to map 4311
instead?
>>> > > > >>> > > > Appreciate your help! >>> > > >>> > > I haven't tested it with your setup but >>> > > >>> > > sss_override user_add mwvande --uid 4311 --gid 4311 >>> > > sss_override group_add mwvande --gid 4311 >>> > > >>> > > should create the needed override data so that user and
group
mwvande
>>> > > can be looked up with the ID 4311. >>> > > >>> > >>> > >>> > So I can lookup by 4311 after this. Very nice! >>> > >>> > Do I need to restart sssd after these two commands? >>> >>> You have to restart SSSD after adding the first overrides to
switch
on
>>> the override handling. If you add additional override later
on you
do
>>> not have to restart SSSD, but you might need to wait until
some
cache
>>> timeouts are passed before the overridden values are shown. >>> >> >> >> I have a user today complained whose mnetid has leading 0s >> >> [mwvande@example:]$ ssh sgx2-brdr-01 >> >> No user exists for uid 4311 >> >> I already have the sss_override ran last week for 100 users
last
week and
>> sssd was restarted. >> >> >> >> > I am still wondering if there is a gap in my using sss_override > > I have ran this, example commands, for all users with leading
0s in
mnetid
> > sss_override user-add mwvande --uid 4311--gid 4311 > sss_override group-add mwvande --gid 4311 > > Then I ran the systemctl restart sssd
As said earlier I haven't tested overrides with your type of setup,
so
I'm not sure if they work as expected. After adding the overrides
and
restarting SSSD with debug_level=9 in the [nss] and [domain/...] sections of sssd.conf, can you call 'sss_cache -E' and 'getent
passwd
4311' and send me the related logs.
bye, Sumit
# sss_cache -E # getent passwd 4311 (no output)
sssd_LDAP.log https://gist.github.com/
7170405abc3c7b8a2fac0211f4452aab
sssd_nss.log https://gist.github.com/cd1a4a1323c94d0284d4001fe364bf
71
Appreciate your help!
Hi Sumit et al.,
Still like some help to resolve this.
Thank you for the logs. Unfortunately I cannot see the reason in the logs why it does not work. I'll have to replicate your setup and try to reproduce the issue and will send my findings in a few days.
I was able to reproduce the issue if I use a string attribute with a leading white-space as UID attribute. I have to think a bit about how this can be fixed in a general way.
I am glad(?) you saw same issue. Appreciate your help!
bye, Sumit