What were you trying to do that didn't work?

Huge number of `Expected cn in RDN, got uid` appear like

(2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x1000): [RID#16] Parsing uid=exampleuser,cn=users,cn=accounts,dc=example,dc=com
(2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x0020): [RID#16] Expected cn in RDN, got uid

Please provide the package NVR for which bug is seen:

sssd-2.8.2-3.el9_2.x86_64
sssd-2.8.2-2.el8.x86_64

How reproducible:

Always

Steps to reproduce

1. Assume the IdM have 2 users, alice and bob
2. Add the rule for bob

   ipa hbacrule-add --hostcat=all bob-allow
   ipa hbacrule-add-user --users bob bob-allow
   

1. Restart sssd with cache remove and ensure both alice and bob are not in SSSD cache

   systemctl stop sssd; rm -fr /var/lib/sss/{db,mc}/*; systemctl start sssd
   

1. Now ssh as alice, then quit

   ssh alice@localhost
   exit
   

1. grep the sssd log

   grep "Expected cn in RDN" /var/log/sssd/*
   

Expected results

The error should not appear in debug_level 1 (or 0x0020)

Actual results

The error appear in debug_level 1

(2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x1000): [RID#16] Parsing uid=bob,cn=users,cn=accounts,dc=example,dc=com
(2023-10-11 14:40:14): [be[example.com]] [get_ipa_groupname] (0x0020): [RID#16] Expected cn in RDN, got uid