On Wed, Jan 24, 2018 at 03:06:58PM +0100, Franky Van Liedekerke wrote: > Hi, > > > > > > > > we saw a lot of queries for uidnumber=4294967295 in our ldap backend > logs (from sssd), so we did as suggested by > > > > https://access.redhat.com/solutions/2963401 > > > > > > > > and added max_id=4294967294 in our sssd domain config. > > > > But this seems to be ignored (at least in version > 1.15.2-50.el7_4.8.x86_64), as the queries continue to arrive in ldap. > > > > Adding ldap_max_id with the same value resulted in an "numerical out > of range" error and sssd refuses to start then (seems to be 16-bit > ...). > > > > > > > > And of course I read the nfsnobody discussions where the uid=65534 :-) > > > > As a workaround, I added an entry in /etc/passwd for uid > 4294967295 so the problem went away, but this still leaves the max_id > and ldap_max_id issues that should be working fine ... > > > > Any hints?
Sounds like https://pagure.io/SSSD/sssd/issue/3569 which was fixed upstream in the upcoming (once we fix known regressions...) release. The fix was also backported to RHEL-7.5 and the next RHEL-7.4.z release.. _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org