On Thu, Nov 08, 2012 at 06:17:40PM +0100, Ondrej Valousek wrote: > Ok, I gave it a try (with an AD provider) and here are the bugs I have found > so far: > > 0. My configuration: > id_provider = ad > auth_provider = ad > chpass_provider = ad > cache_credentials = True > ldap_id_mapping = False > # ldap_sasl_authid = LOGINA$@DUBLIN.AD.S3GROUP.COM > > 1. Upgrade db database from the 1.8 versions (aka RHEL 6U3) does not > work. SSSD won't start (dies silently). I had to rm > /var/lib/sss/db/* to make it working.
This is pretty bad. Do you still have the old database somewhere or the possibility of generating it again with old packages? We haven't seen this bug so far in our testing, but apparently it's out there.. > 2. sssd won't work when I specify correct ldap_sasl_authid (see the > example above). This is bad as I might have my krb5.keytab cluttered > with other (possibly not working) keys so I would like to keep the > possibility of specifying the ldap_sasl_authid manually. So this is authid that was working with the plain ldap provider but dosn't work with ad provider? Can you share logs? Have you tried if using this authid works even with 1.9 with the ldap provider? > 3. This is a show stopper for me. I can not disable ID mapping as the example > above does not work for me: > > Desired results: > Only users and groups w/ RFC2307 attributes are seen, NO id mapping is > performed. > Achieved results: > Users and groups who have defined RFC2307 attributes are displayed > fine (RFC2307 attributes honored), but also users & groups with no > RFC2307 attributes are displayed (RFC2307 attributes computed by > sssd) > I suspect that this issue might be fixed in the latest builds. I was planning to upgrade this preview repo to 1.9.3 when it becomes ready, but it wouldn't be too hard to include the fixes we have so far so you could test. > Ondrej > Thank you very much for testing. _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users