On 07/22/2016 02:34 PM, Petr Cech wrote:
Hi list,
there is patch solving [1] attached.
It is possible that we will have similiar problem with other local keys,
so I wrote special function for adding key to list of missing with
condition if it is needed or not.
[1]
https://fedorahosted.org/sssd/ticket/2841
Regards
Hi list,
I am sorry... I forget provide more information about this issue.
I reproduced and tested it with the sssd box connected to the LDAP
server which was running as part of FreeIPA server.
(The trick is you connect sssd box to the FreeIPA and then you change
the configuration of SSSD, so you have right certificate and so on).
After it, I manage netgroups on LDAP via FreeIPA webadmin (this is bonus
of this environment).
I create three netgroups ng_[1,2,3] such as ng_1 members were ng_2,
ng_3. I could remove one by one group and saw what happend.
Very usefull was command:
# sss_cache -N && getent netgroup ng_1
And I can check local db with ldbsearch too.
There were local key 'memberNisNetgroup' which is connected to
'originalMemberNisNetgroup' living in LDAP :-)
This local key didn't disappear when we removed last group. And that was
the problem.
Regards
--
Petr^4 Čech