Thomas, 1.9.1 changed the default behavior so that we do not enable the
matching rule by default, but I suspect that the same issue is likely
present if it is re-enabled manually.
The SSSD is *supposed* to be properly detecting whether the server it's
talking to is capable of understanding that ro
Not reproducible any more with version 1.9.1.
** Changed in: sssd (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1049186
Title:
sssd sometimes forgets all
I have filed a report about this problem in the Samba 4 BTS.
https://bugzilla.samba.org/show_bug.cgi?id=9237
** Bug watch added: Samba Bugzilla #9237
https://bugzilla.samba.org/show_bug.cgi?id=9237
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is su
Returning to the configuration without
"ldap_initgroups_use_matching_rule_in_chain = False" but with
"ldap_purge_cache_timeout = 3" and "ldap_enumeration_refresh_timeout =
3" I captured sssd logs at debug_level 0x0ff0 and compared a sequence
immediately after which "groups" reported only one group
I found a solution. Add the following line to [domain/SAMBA]:
ldap_initgroups_use_matching_rule_in_chain = False
AIUI this prevents sssd from using the LDAP operation
1.2.840.113556.1.4.1941 which hasn't been implemented in Samba 4.
Result:
# while : ; do su -c groups foo ; sleep 1 ; done
No improvement with sssd 1.9.0-0ubuntu1.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1049186
Title:
sssd sometimes forgets all but one group memberships of a user
To manage notifications about th
Looking in samba's log I see something interesting. When doing
# while : ; do su -c groups foo ; sleep 1 ; done
and when we get a
domusers
just after a (correct)
domusers domadmins devel publish
samba always prints the following in the log.
[2012/09/26 16:14:06, 1] ../lib/ldb-s