sssd fails to resolve names properly; replacing 'id_provider' by 'domain_type' in sssd.conf fixes it, but this is documented nowhere
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sssd (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
After upgrading sssd from the 12.04 to the quantal version, 1.9.0~beta6-
0. In sssd.conf I have two domains configured, named 'LOCAL' and 'SAMBA' where the latter uses a Samba 4 beta2 AD LDAP server.
1. While "getent passwd" lists all expected users from passwd and LDAP, "getent passwd <username>" produces no output and "id <username" results in "id: <username>: No such user", etc.
2. Running sssd interactively ("sssd -i -d 0xffff") and trying "id foo" for user "foo" in the LDAP directory produces some interesting debugging output.
=== BEGIN ===
(Tue Sep 11 15:20:10 2012) [sssd[nss]] [sss_parse_
(Tue Sep 11 15:20:10 2012) [sssd[nss]] [nss_cmd_getpwnam] (0x0100): Requesting info for [foo] from [<ALL>]
(Tue Sep 11 15:20:10 2012) [sssd[nss]] [sss_dp_
(Tue Sep 11 15:20:10 2012) [sssd[nss]] [sss_dp_
(Tue Sep 11 15:20:10 2012) [sssd[nss]] [sss_dp_
=== END ===
3. "getent passwd <username>@LDAP" *does* produce output (where <username> is in the LDAP directory).
4. sssd works properly again if, in the [domain/LOCAL] section of sssd.conf the line
id_provider = local
is replaced by the line
domain_type = local
Then the debugging output looks like the following
=== BEGIN ===
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [sss_parse_
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [nss_cmd_getpwnam] (0x0100): Requesting info for [foo] from [<ALL>]
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [sss_dp_
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [sss_dp_
(Tue Sep 11 15:31:39 2012) [sssd[be[SAMBA]]] [be_get_subdomains] (0x0400): Got get subdomains [not forced][]
(Tue Sep 11 15:31:39 2012) [sssd[be[SAMBA]]] [be_get_subdomains] (0x0100): Undefined backend target.
(Tue Sep 11 15:31:39 2012) [sssd[be[SAMBA]]] [be_get_subdomains] (0x1000): Request processed. Returned 3,19,Subdomains back end target is not configured
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [sss_dp_
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [sss_dp_get_reply] (0x1000): Got reply from Data Provider - DP error code: 3 errno: 19 error message: Subdomains back end target is not configured
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [sss_parse_
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [nss_cmd_
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [sss_ncache_
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [nss_cmd_
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [check_cache] (0x0400): Cached entry is valid, returning..
(Tue Sep 11 15:31:39 2012) [sssd[nss]] [nss_cmd_
=== END ===
The need to replace 'id_provider' by 'domain_type' is not documented anywhere I've seen.
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: sssd 1.9.0~beta6-
ProcVersionSign
Uname: Linux 3.2.0-30-generic x86_64
ApportVersion: 2.0.1-0ubuntu13
Architecture: amd64
Date: Tue Sep 11 15:15:05 2012
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
ProcEnviron:
LANGUAGE=en_US:en
TERM=xterm
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: sssd
UpgradeStatus: No upgrade log present (probably fresh install)
I suspect that you are hitting upstream bug https:/ /fedorahosted. org/sssd/ ticket/ 1436 that was fixed in the upstream release 1.9.0 beta 7 (commit bdbf4f169e4d5d0 0b0616df19f7a55 debb407f78)
I'm not sure where the "domain_type" comes from, the SSSD has no option called domain_type. If it fixed your problem, it must have been purely by accident.