Comment 0 for bug 1012900

Ubuntu release: 12.04 LTS
Package release: sssd 1.8.2-0ubuntu1 (amd64)

There is a problem using su to switch to local accounts over sssd (in this case with an ldap backend). The su session or command will work, but will produce an error status on exit (or completion).

The local accounts are present in the sssd.conf "filter_users" directive so that they are supposed to be ignored at the NSS level.

What is expected to happen:

# su - localaccount
localaccount@hostname:~$ exit
logout
# echo $?
0

What happens:

# su - localaccount
localaccount@hostname:~$ exit
logout
su: User not known to the underlying authentication module
# echo $?
1

In /var/log/auth.log this error is recorded:
Jun 4 23:00:45 hostname su[23930]: pam_unix(su:session): session closed for user localaccount
Jun 4 23:00:45 hostname su[23930]: pam_close_session: User not known to the underlying authentication module