On Tue, Jan 18, 2022 at 8:00 PM Spike White <spikewhitetx(a)gmail.com> wrote:
Then please feel free to ask support to attach your case to this BZ.
The fix -
Here's what's cute. It only occurs on specific child AD domains. for
instance, APAC (asia pacific) can see only EMEA (Europe-Middle
East-Africa). Cannot see AMER (Americas). Consistently, all servers in
that child domain cannot discover (with this new sssd version).
In other AD domains (like AMER), consistently all servers with this new
sssd version do discover all AD domains. So servers in AMER discover all
expected domains.
Spike
On Tue, Jan 18, 2022 at 12:11 PM Alexey Tikhonov <atikhono(a)redhat.com>
wrote:
>
>
> On Tue, Jan 18, 2022 at 5:52 PM Spike White <spikewhitetx(a)gmail.com>
> wrote:
>
>> sssd experts,
>>
>> This sssd version (released Tue 23 Nov 2021) is under-discovering AD
>> domains.
>>
>> A similar sssd bug occurred last July, where sssd over-discovered AD
>> domains (AD domains for which there was not a legal trust relationship with
>> this AD domain.) Now, it appears that sssd is under-discovering AD domains
>> (not discovering AD domains which have a valid trust relationship with this
>> AD domain).
>>
>> Ultimately, an sssd developer on this sssd mailing list (Sumit Rose)
>> resolved the July bug of AD domain over-discovery. Hopefully, someone
>> will recognize this new AD domain under-discovery bug.
>>
>> We have opened RedHat support case #03124778 for this new AD domain
>> under-discovery bug. But to be frank, such complicated sssd bugs don’t get
>> resolved by RHEL L1 customer support. (RHEL customer support is great, but
>> not for complicated sssd bugs.)
>>
>> For now, we have pulled sssd-*-1.16.5-10.0.1.el7_9.11.x86_64 RPMs out
>> of our Jan OS patching cycle.
>>
>
> Please check the description of
>
https://bugzilla.redhat.com/show_bug.cgi?id=2032867
> Does it match your issue?
>
> Btw, ".0.1." in "1.16.5-10.0.1.el7_9.11" looks weird. Package
version
> should be 1.16.5-10.el7_9.10
>
>
>
>
>
>> Spike
>> _______________________________________________
>> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
>> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
>> Fedora Code of Conduct:
>>
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
>> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
>> List Archives:
>>
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
>> Do not reply to spam on the list, report it:
>>
https://pagure.io/fedora-infrastructure
>>
> _______________________________________________
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
> To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
>
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
>
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
> Do not reply to spam on the list, report it:
>
https://pagure.io/fedora-infrastructure
>
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure