On Mon, Dec 17, 2012 at 06:00:21PM -0800, Andrew Wygle wrote:
Hello,
Thanks to the help of this list I successfully got SSSD to
authenticate against a Windows Server 2008 R2 Active Directory domain
controller. SSH logins work. I am, however, having a problem with UID and
GID mappings.
On Mon, Dec 17, 2012 at 01:18:54PM +0100, Pavel Březina wrote:
On 12/15/2012 08:02 PM, Jakub Hrozek wrote:
https://fedorahosted.org/sssd/ticket/1708
The services kept the fd to /var/log/sssd/sssd.log open. I don't think
there's any point in keeping the logfiles open after exec-ing for the
On Mon, Dec 17, 2012 at 01:05:46PM +0100, Pavel Březina wrote:
On 12/16/2012 11:38 PM, Jakub Hrozek wrote:
I have not reproduced the access-after-free described in
https://fedorahosted.org/sssd/ticket/1706 but the backtrace matches the
fix and I think it's simply the correct thing to do.
On Tue, Dec 18, 2012 at 11:57:19AM +0100, Jakub Hrozek wrote:
On Mon, Dec 17, 2012 at 01:05:46PM +0100, Pavel Březina wrote:
On 12/16/2012 11:38 PM, Jakub Hrozek wrote:
I have not reproduced the access-after-free described in
https://fedorahosted.org/sssd/ticket/1706 but the backtrace
Hello all,
according to my ldap base administrator I'm sending border line ldap
requests. Of course I'm using SSSD configured as follows :
[domain/default]
auth_provider = ldap
ldap_id_use_start_tls = False
chpass_provider = ldap
cache_credentials = False
ldap_search_base =
On Tue, Dec 18, 2012 at 02:43:08PM +0100, François Dagorn wrote:
Hello all,
according to my ldap base administrator I'm sending border line ldap
requests. Of course I'm using SSSD configured as follows :
[domain/default]
auth_provider = ldap
ldap_id_use_start_tls = False
chpass_provider
I'm not entirely sure I understood your problem, but it seems the LDAP
server admin is complaining that the SSSD is putting high load on the
server, right?
Yes.
The above search requires the uid, uidNumber and gidNumber attributes to
be indexed in order to be efficient. I think they
Hi,
On Tue, Dec 18, 2012 at 3:05 PM, Jakub Hrozek jhro...@redhat.com wrote:
On Tue, Dec 18, 2012 at 02:43:08PM +0100, François Dagorn wrote:
Hello all,
according to my ldap base administrator I'm sending border line ldap
requests. Of course I'm using SSSD configured as follows :
On Tue, Dec 18, 2012 at 03:11:25PM +0100, François Dagorn wrote:
I'm not entirely sure I understood your problem, but it seems the LDAP
server admin is complaining that the SSSD is putting high load on the
server, right?
Yes.
The above search requires the uid, uidNumber and
On Mon, Dec 17, 2012 at 08:48:32PM +0100, Jakub Hrozek wrote:
On Mon, Dec 17, 2012 at 12:12:15PM +0100, Pavel Březina wrote:
On 12/17/2012 11:34 AM, Jakub Hrozek wrote:
On Sun, Dec 16, 2012 at 09:49:06PM +0100, Pavel Březina wrote:
The problem is when we are about to reset the server
On Mon, Dec 17, 2012 at 06:19:38PM +0100, Jakub Hrozek wrote:
On Fri, Dec 14, 2012 at 06:23:12PM +0100, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1689
Now if first full refresh fails because the data provider is
offline, we take following steps:
1. schedule another
Le 18/12/2012 15:35, Marco Pizzoli a écrit :
They need to have a presence index to leverage indexing with that query.
(attribute=*) simply means check that the attribute exists.
I suspect your admin has indexed those attirbutes only for eq.
I guess you are right, I'm not aware enough of
On Tue, Dec 18, 2012 at 05:12:29PM +0100, Jakub Hrozek wrote:
On Mon, Dec 17, 2012 at 06:19:38PM +0100, Jakub Hrozek wrote:
On Fri, Dec 14, 2012 at 06:23:12PM +0100, Pavel Březina wrote:
https://fedorahosted.org/sssd/ticket/1689
Now if first full refresh fails because the data
On Mon, Dec 17, 2012 at 06:05:20PM +0100, Pavel Březina wrote:
On 12/15/2012 06:39 PM, Jakub Hrozek wrote:
The attached patches implement functionality the admins have been asking
for in the autofs responder - when the auto.master map is requested,
refresh the mountpoints.
The motivation is
On Mon, Dec 17, 2012 at 10:30:14PM +0100, Sumit Bose wrote:
Hi,
https://fedorahosted.org/sssd/ticket/1635 was reopened because the
provided patch didn't fix the problem for the reporter. I think the
issue is that although we do lookups for all different types of
principals we do not lookup
On Dec 18, 2012 5:17 PM, François Dagorn francois.dag...@univ-rennes1.fr
wrote:
Le 18/12/2012 15:35, Marco Pizzoli a écrit :
They need to have a presence index to leverage indexing with that
query.
(attribute=*) simply means check that the attribute exists.
I suspect your admin has
On Sun, Dec 16, 2012 at 04:21:36PM +0100, Jakub Hrozek wrote:
On Fri, Dec 14, 2012 at 04:09:35PM -0500, Simo Sorce wrote:
Add a timeout to side requests so they do not hang forever.
Tested with SIGSTOPping sssd_be and monitor and then waiting for the
request and later the idle timer to
I forgot to add the new file to the headers list so distcheck was
failing..
Pushed to master and sssd-1-9 under the one-liner rule.
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Detected by Coverity. I think I was too spoiled with talloc recently.
From 4a1d817e00ceb55011a992f376dfd668f68204cb Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Tue, 18 Dec 2012 19:33:57 +0100
Subject: [PATCH] Free resources if fileno failed
---
src/util/debug.c | 2 ++
1
On Tue, Dec 18, 2012 at 07:38:25PM +0100, Jakub Hrozek wrote:
I forgot to add the new file to the headers list so distcheck was
failing..
Pushed to master and sssd-1-9 under the one-liner rule.
Attached is the patch I pushed earlier.
From 2886f8ac71025342c673873f2145a1bc358b3773 Mon Sep 17
On Tue, Dec 18, 2012 at 06:41:30PM +0100, Jakub Hrozek wrote:
On Mon, Dec 17, 2012 at 10:30:14PM +0100, Sumit Bose wrote:
Hi,
https://fedorahosted.org/sssd/ticket/1635 was reopened because the
provided patch didn't fix the problem for the reporter. I think the
issue is that although we
On Tue 18 Dec 2012 01:39:45 PM EST, Jakub Hrozek wrote:
Detected by Coverity. I think I was too spoiled with talloc recently.
Ack
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
Indeed... if the presence index on the uid attribute doesn't exist,
you are doing a full scan on your (sub) tree. So, the load is semi
directly related to the dimension of your data
Did I miss the point you were asking? Please let me know if that's the
case
Thanx a lot, your answer is
Fixes https://fedorahosted.org/sssd/ticket/1728
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From 7988a75e552918e164d0693c6c4de2a5c4a30db6 Mon Sep 17 00:00:00 2001
From: Simo Sorce s...@redhat.com
Date: Tue, 18 Dec 2012 20:52:02 -0500
Subject: [PATCH] memberof: Prevent unneded failure case
24 matches
Mail list logo