Hi, on sssd 1.13.4-1ubuntu1.5:
looking at sssd_domain.tls.log with debug level 9, I can see many wrong group requests.
After flushing ssd cache and restarting:
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(&(gidNumber=10117)(objectClass=group)(sAMAccountName=*)(&(gidNumber=*)(!(gidNumber=0))))][DC=domain,DC=tld].
=> it is valid, but few milliseconds later:
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(&(sAMAccountName=10107)(objectClass=group)(sAMAccountName=*)(&(gidNumber=*)(!(gidNumber=0))))][DC=domain,DC=tld]
returns nothing, because sAMAccountName=10107 does not exists
in sssd_nss.log, it generates many errors such
[sssd[nss]] [nss_cmd_getpwnam_search] (0x0040): No results for getpwnam call
[nss_cmd_getgrnam_search] (0x0040): No results for getgrnam call
is it expected or a misconfiguration on my test environment?
attached : sssd.conf
Attachments:
- sssd.conf
(application/octet-stream — 1.9 KB)