I will be putting the setup of the continuous integration automated acceptance testing into the next sprint http://tigger.idm.lab.bos.redhat.com/sssd/ticket/256 This may have been caught by existing tests, if not, will add task to regression test this scenario. Jenny
Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 11/12/2010 11:01 AM, Sergei V. Kovylov wrote:
Stephen, you are right 1.3.1 is working version too. I have made some experiment and found out that:
- The behaviour of sssd (1.3.1) depends on how to create OU on LDAP
server. If OU with groups is created after all users' OUs then sssd gets everything correctly. Example: correct sequence: ou=MCC (users) ou=HMC (users) ou=GROUP-ACCESS (groups)
incorrect sequence: ou=GROUP-ACCESS (groups) ou=MCC (users) ou=HMC (users)
- sssd 1.4.x doesn't work even with correct sequence of OU creation
(see above). 3. if I remove GRP-SVC-SSH-NODE from GRP-SVC-SSH-NODE and recreate membership back then sssd will see members of GRP-SVC-SSH-NODE in GRP-SVC-SSH-NODE group but untill new installation or reinstallation of sssd.
Sorry it's taken me so long to reply. I've been able to reproduce the problem and I'm working on fixing it right now.
I have opened https://fedorahosted.org/sssd/ticket/683 to track the problem.
Stephen Gallagher RHCE 804006346421761
Delivering value year after year. Red Hat ranks #1 in value among software vendors. http://www.redhat.com/promo/vendor/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkziuWAACgkQeiVVYja6o6PL5QCff+mydw0B1iuiA/9gUEVxPerY oyUAnAyAXHzCJRWtlsS1JxJBojk0PZK4 =6c2m -----END PGP SIGNATURE----- _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel